Emory Law Journal

Excessive Corporate Risk-Taking and the Decline of Personal Blame Copyright © 2015 by Steven L. Schwarcz. An earlier version of this Article was entitled Liability for Financial Failure: Corporate Risk-Taking and the Decline of Personal Blame.
Steven L. Schwarcz Stanley A. Star Professor of Law & Business, Duke University School of Law; Founding Director, Duke Global Financial Markets Center; Senior Fellow, the Centre for International Governance Innovation. Email: schwarcz@law.duke.edu. For valuable comments, I thank Edward Balleisen, Samuel Buell, Andrew Coan, Lisa Kern Griffin, Wulf A. Kaal, Ted Kaufman, Charles Klingman, Robert T. Miller, Richard Painter, Karen West, and participants in a faculty workshop at The University of Arizona James E. Rogers College of Law and a conference at The George Washington University Law School (sponsored by its Center for Law, Economics, and Finance). I also thank Craig Warren Fitch, Eric Pacifici, and Joy Peng for invaluable research assistance. Additionally, I thank Karen West for helping to research certain post-financial crisis government investigatory and enforcement actions. Support is provided in part by a grant from the International Insolvency Institute Foundation.

Abstract

Government agencies and prosecutors are being criticized for seeking so few indictments against individuals in the wake of the 2008–2009 financial crisis and its resulting banking failures. This Article analyzes why—contrary to a longstanding historical trend—personal liability may be on the decline, and whether agencies and prosecutors should be doing more. The analysis confronts fundamental policy questions concerning changing corporate and social norms. The public and the media perceive the crisis’s harm as a “wrong” caused by excessive risk-taking. But that view can be too simplistic, ignoring the reality that firms must take greater risks to try to innovate and create value in the increasingly competitive and complex global economy. This Article examines how law should control that risk-taking and internalize its costs without impeding broader economic progress, focusing on two key elements of that inquiry: the extent to which corporate risk-taking should be regarded as excessive, and the extent to which personal liability should be used to control that excessive risk-taking.

Introduction

There has been significant frustration with the Obama administration, 1See, e.g., Interview by Frontline with Ted Kaufman, Del. Senator (Nov. 20, 2012), (expressing frustration and disappointment with his own political party that no prosecutions had gone forward). as well as with foreign governments, 2See, e.g., Sarah White, In Post-Lehman Clean-Up, Top Banker Prosecutions Stumble, Reuters (Sep. 13, 2013, 3:06 PM), (observing the frustration in the United Kingdom and in Spain stemming from the paucity of attempts to prosecute those in the “highest echelons of banking,” and also observing that “[f]rustrations over the slow progress of legal probes in Spain is even leading some activist groups to consider lobbying the United Nations to list economic crimes as a crime against humanity, even though they admit it is unlikely to happen”). for not seeking criminal or even civil liability against individuals responsible for the excessive risk-taking that was a principal cause of the 2008–2009 global financial crisis (the financial crisis) and its associated banking failures. 3Excessive risk-taking is widely regarded to have been a principal cause of the financial crisis. See, e.g., Fin. Crisis Inquiry Comm’n, The Financial Crisis Inquiry Report: Final Report of the National Commission on the Causes of the Financial and Economic Crisis in the United States xviii–xix (2011) (identifying excessive risk-taking as a primary cause of the financial crisis); Jacob J. Lew, Opinion, Let’s Leave Wall Street’s Risky Practices in the Past, Wash. Post (Jan. 9, 2015), (repeatedly attributing the financial crisis to “excessive risks taken by financial” firms); The Origins of the Financial Crisis: Crash Course, Economist (Sept. 7, 2013), (identifying excessive risk-taking as one of three causes of the financial crisis, the other causes being irresponsible lending and regulators being “asleep at the wheel”); see also infra notes 22–23 and accompanying text (observing that most of the actions leading to the financial crisis represented excessive corporate risk-taking). Although this Article uses the hyphenated term “risk-taking,” some sources may equivalently refer to “risktaking” or “risk taking.” Despite criticism—and against the historical trend during much of the twentieth century 4In response to the 1980s savings-and-loan crisis, for example, special U.S. government task forces referred 1,100 cases to prosecutors, which resulted in more than 800 bank officials being jailed. Gretchen Morgenson & Louise Story, In Financial Crisis, No Prosecutions of Top Figures, N.Y. Times, Apr. 14, 2011, at A1, ; see also David Zaring, Litigating the Financial Crisis, 100 Va. L. Rev. 1405, 1411–13 (2014) (arguing that the lack of individual liability following the financial crisis has been quite surprising, especially when considering the last housing crisis where over one thousand financial executives were convicted of crimes and the dotcom collapse of 1999–2000 where a similar number were held accountable). Zaring further observes that “holding no executives responsible during this collapse in the housing market, while imprisoning hundreds of them during earlier downturns, smacks of arbitrariness, or, even worse, a different standard for Wall Street and Main Street financiers.” Id. at 1413. —few financial executives have been prosecuted. 5See, e.g., Colin Maher, Note, Crisis Not Averted: Lack of Criminal Prosecutions Leave Limited Consequences for Those Responsible for the Financial Crisis, 39 New Eng. J. on Crim. & Civ. Confinement 459, 462 (2013). Maher also discusses the Fraud Enforcement Recovery Act of 2009 (FERA), which was enacted in response to the financial crisis, in order to broaden federal fraud statutes to include mortgage lending businesses and brokers, wherever found, and to increase federal investigative and prosecutorial resources for mortgage fraud detection and prosecution. Id. at 464. No criminal prosecutions resulted. Maher notes that there was a questionable increase in resources, the government was still required to prove specific intent, and although future frauds might be prosecuted using FERA, the Ex Post Facto Clause of the U.S. Constitution would bar charges against those engaged in problematic actions before the enactment of FERA. Id. at 465. Rather, the primary focus of prosecutors has been the financial firms themselves. 6In August 2012, for example, the U.S. Department of Justice determined that it had no basis to prosecute Goldman Sachs employees in regard to allegations in the Levin–Coburn Report that Goldman Sachs made large profits from marketing collateralized debt obligations (CDO) securities backed by subprime mortgage loans as safe investments to clients, while betting against the same securities. See Dominique Debucquoy-Dodley, No ‘Viable Basis’ to Prosecute Goldman, Justice Department Says, CNN (Aug. 10, 2012, 7:13 AM), ; infra note 17. Goldman Sachs nonetheless paid $550 million in settlement of civil claims with regard to the activity in question. Phil Mattingly & Robert Schmidt, U.S. Agencies Probing Goldman Findings After Senate Referral, Bloomberg (May 4, 2011, 12:01 AM), .

Numerous firms have been fined for activities related to the financial crisis, including the origination, packaging, and sale of mortgage-backed securities. These fines are certainly substantial 7Richard McGregor & Aaron Stanley, Banks Pay Out $100bn in U.S. Fines, Fin. Times (Mar. 25, 2014, 6:42 PM), (quoting Tony Fratto of Hamilton Place Strategies as stating that the fines were “very substantial”). —aggregating in the tens of billions of dollars, 8See Jason M. Breslow & Evan Wexler, How JP Morgan’s $13 Billion Settlement Stacks Up, Frontline: The Untouchables (Nov. 19, 2013, 8:57 PM), . This Article reports settlements made with financial institutions for abuses involving the type of mortgage-related activities that led to the financial crisis, including a $25 billion settlement with Bank of America Chase, JP Morgan Chase, Wells Fargo, Citigroup, and Ally Financial; a $13 billion settlement with JP Morgan Chase; a $550 million settlement with Goldman Sachs, and a $417 million settlement with JP Morgan and Credit Suisse. Id. In July 2014, Citigroup agreed to a $7 billion settlement with the Department of Justice, arising from Citigroup repeatedly ignoring warnings that a significant portion of the mortgages it packaged and sold to investors in 2006 and 2007 had underwriting defects. See Jason M. Breslow, Citigroup to Pay $7 Billion to End Mortgage Deal Probe, Frontline: The Untouchables (July 14, 2014, 1:03 PM), ; see also Andrew Grossman & Christina Rexrode, Citi to Pay $7 Billion to Settle Loan Probe, Wall St. J., July 15, 2014, at A1. In August 2014, a settlement of $16 billion was announced with Bank of America, the largest in U.S. corporate history. Christina Rexrode & Andrew Grossman, BofA Accord Ends a Long Legal Drama, Wall St. J., Aug. 22, 2014, at C1. The U.S. Department of Justice is reportedly engaged in settlement negotiations with a number of banks, and there is some evidence that fines are getting stiffer. Id. which is comparable if not larger than the aggregate yearly income of the largest financial firms. 9McGregor & Stanley, supra note 7 (“A little more than $52bn of the total was paid out in 2013 alone. . . . JPMorgan Chase, Bank of America, Citigroup, Wells Fargo, Morgan Stanley, and Goldman Sachs [] had combined earnings of $76bn in 2013 . . . .”). But from the perspective of multiple-year earnings, some experts view the fines as simply the “cost of doing business.” 10Id. (quoting Professor Anat Admati of Stanford University). Professor Coffee similarly claims that “the SEC is settling cheaply with entities and ignoring individuals—a policy of parking tickets for securities fraud.” 11John C. Coffee, Jr., Adolph A. Berle Professor of Law, Columbia Univ. Law Sch., Presentation at the New York City Bar 1st Annual Securities Regulation and Enforcement Institute Program: Securities Enforcement: What Has Happened? Why Are Folks Upset? What Can Be Done? (Dec. 11, 2012), .

Whether or not firms are settling cheaply, the real concern is that, being managed by individuals, firms themselves are second-best targets of deterrence. 12See Claire A. Hill & Richard W. Painter, Why S.E.C. Settlements Should Hold Senior Executives Liable, N.Y. Times (May 29, 2012, 11:28 AM), (arguing that when penalties are assessed only against an entity, the individuals responsible have little incentive to change their behavior and thus, in order to change that incentive, individuals should also be personally liable); see also Claire Hill & Richard W. Painter, Berle’s Vision Beyond Shareholder Interests: Why Investment Bankers Should Have (Some) Personal Liability, 33 Seattle U. L. Rev. 1173, 1187–89 (2010) (arguing that high-level bankers should be held personally liable). Targeting managers in their personal capacity is thus widely viewed as a greater, 13See, e.g., Mary Jo White, U.S. SEC Chair, Speech at the Council of Institutional Investors Fall Conference in Chicago, IL: Deploying the Full Enforcement Arsenal (Sept. 26, 2013), (observing two reasons for this greater deterrence: that economic actions taken against individuals not only require them to pay out of their only pockets but also impose reputational costs—a form of shaming—causing the individuals to lose social standing). The reputational costs might also include, of course, the inability to continue working in the financial sector. Id. if not also a more optimal, 14Some argue that adding the threat of personal liability to the threat of firm-level liability should be the optimal deterrent. See, e.g., A. Mitchell Polinsky & Steven Shavell, Should Employees Be Subject to Fines and Imprisonment Given the Existence of Corporate Liability?, 13 Int’l Rev. L. & Econ. 239, 246–50 (1993) (arguing that personal liability is needed in addition to firm-level liability to reach the optimal level of deterring corporate moral hazard); Cedric Argenton, Eric van Damme & Sigrid Suetens, Optimal Deterrence of Illegal Behavior Under Imperfect Corporate Governance 26 (Tilburg Law & Econ. Ctr., Working Paper No. 2014-053, 2014), (same). deterrent than firm-level liability. Better deterrence is critical because insufficient deterrence could sow the seeds—as may already be occurring 15See, e.g., Tracy Alloway, US Banks Warn on ‘Excessive’ Risk-Taking, Fin. Times (Aug. 6, 2014, 3:53 PM), (reporting that a member of the Treasury Borrowing Advisory Committee, a group of banks and investors selected to help advise on markets and the economy, “warned the U.S. Treasury Department that low volatility in many financial markets is creating a feedback loop that exacerbates ‘excessive risk-taking’ by investors”); Victoria McGrane, Obama Meets Top U.S. Financial Regulators at White House, Wall St. J. (Oct. 6, 2014, 6:11 PM), (observing executive branch frustration that “Wall Street is still taking on too much risk in the pursuit of self-enrichment”). —for future systemic meltdowns. 16Cf. Press Release, U.S. Senate Permanent Subcomm. on Investigations, Senate Investigations Subcommittee Releases Levin-Coburn Report On the Financial Crisis (Apr. 13, 2011), (statement by Senator Tom Coburn attributing blame for the financial crisis to “Wall Street bankers who let greed run wild”). Given that many of the activities that led to the financial crisis occurred in 2006 and 2007, the window of opportunity to pursue personal liability cases stemming from the crisis may have passed. The consequences could be horrific. The financial crisis itself was

an economic assault that cost millions of Americans their jobs and homes, while wiping out investors, good businesses, and markets . . . . High risk lending [and other activities] contaminated the U.S. financial system with toxic mortgages and undermined public trust in U.S. markets. 17Id.

Moreover, in addition to increasing deterrence, targeting managers in their personal capacity can help to increase accountability and fairness:

[W]hen it comes to financial fraud, the [U.S. Justice] department recognizes the inherent value of bringing enforcement actions against individuals, as opposed to simply the companies that employ them. We believe that doing so is both important—and appropriate—for several reasons: First, it enhances accountability . . . [because] corporate misconduct must necessarily be committed by flesh-and-blood human beings. . . .

Second, it promotes fairness—because, when misconduct is the work of a known bad actor, or a handful of known bad actors, it’s not right for punishment to be borne exclusively by the company, its employees, and its innocent shareholders.

And finally, it has a powerful deterrent effect. 18Eric Holder, U.S. Att’y Gen., Remarks on Financial Fraud Prosecutions at New York University School of Law (Sep. 17, 2014), ; cf. Ted Kaufman, Opinion, Why DOJ Deemed Bank Execs Too Big to Jail, Forbes (July 29, 2013, 9:30 AM), (quoting Lanny Breuer, head of the Criminal Division of the U.S. Department of Justice, who observed that “[t]he strongest deterrent against corporate crime is the prospect of prison time for individual employees”); Jed S. Rakoff, The Financial Crisis: Why Have No High-Level Executives Been Prosecuted?, N.Y. Rev. Books, Jan. 9, 2014, at 4 (arguing that the individual prosecution is a better deterrent and more technically and morally sound than prosecuting a company); Benjamin M. Lawsky, Superintendent, N.Y. State Dep’t of Fin. Serv., Address at the Exchequer Club (Mar. 19, 2014), (“[R]eal deterrence, in my opinion, means a focus not just on corporate accountability, but on individual accountability.”).

This Article examines the extent to which managers, in their personal capacity, should be subjected to liability (personal liability) in order to better deter excessive corporate risk-taking. 19In theory, this Article’s analysis can apply to any type of firm that engages in business. In practice, the analysis is intended primarily to apply to systemically important firms—that is, firms whose failure would be likely to have systemic consequences. Individuals potentially can be subjected to criminal liability and to non-criminal liability. Criminal personal liability ordinarily involves incarceration and sometimes involves monetary penalties. Non-criminal (or civil) personal liability ordinarily involves only monetary penalties.

Because this Article is concerned with deterring excessive corporate risk taking, it focuses on personal liability in the form of monetary penalties. Excessive corporate risk-taking is not—and arguably should not be 20Cf. infra note 22 and accompanying text (observing that the risk-taking leading to the financial crisis resulted not from criminal intent but from poor decisions, bad judgment, and greed). —criminal per se, or even criminally fraudulent. 21Cf. Jean Eaglesham, Financial Crimes Bedevil Prosecutors, Wall St. J. (Dec. 6, 2011), (reporting that some legal experts have explained that “most controversial behavior [such as risk-taking] likely was a product of poor judgment, not criminal wrongdoing”); Peter J. Henning, Making Misconduct a Crime, N.Y. Times (June 24, 2013, 2:13 PM), (observing the Department of Justice’s explanation for the lack of criminal prosecutions of corporate executives for risktaking: “the difficulty prosecutors face in proving an individual’s specific intent to commit a crime”). Although most of the actions leading to the financial crisis represented excessive corporate risk-taking, that risk-taking largely resulted from poor decisions, bad judgment, and greed—and not criminal intent. 22Christine Hurt, The Duty to Manage Risk, 39 J. Corp. L. 253, 256–57 (2014). There are, of course, other reasons advanced for the financial crisis. See, e.g., Arthur E. Wilmarth, Jr., Turning a Blind Eye: Why Washington Keeps Giving in to Wall Street, 81 U. Cin. L. Rev. 1283, 1283–84 (2013) (maintaining that the financial crisis resulted from Wall Street’s alleged co-option of politicians and regulators). The head of the Criminal Division of the U.S. Department of Justice has likewise recognized the inapplicability of criminal law to deter excessive corporate risk-taking:

I’ve literally had lawyers and U.S. attorneys studying every single one of these [financial crisis failures] . . . . with the same level of zealousness that we have in all those other areas[] they’ve looked at it. But ultimately they have said in many of these cases that we cannot bring a criminal case. . . .

. . . . 

. . . I am personally offended by much of what I have seen. I think there was a level of greed, a level of excessive risk taking in this situation that I find abominable and I find very upsetting. But that is not what makes a criminal case. . . .

. . . .

. . . [O]ur criminal justice system is created so that in that kind of a situation, we cannot prevail. 23Interview by Frontline with Lanny Breuer, Head of Criminal Div., U.S. Dep’t of Justice (Nov. 30, 2012) (emphasis added), . Breuer suggests, as does this Article, that civil liability is the more appropriate remedy: “[I]f you can establish that you . . . were open about your greed, that you were open about [and disclosed] the fact that your representations may not be precise [and the other side accepts that or doesn’t care], do I think we . . . . should sue you for every penny you’re worth? I think we should sue you for every penny you’re worth.” Id.

Unqualified references in this Article to personal liability will hereinafter mean liability for monetary penalties only. This focus on civil liability says nothing about whether future financial crises could result from fraud or other criminal actions—as opposed to excessive risk-taking. The law may well already be sufficient, however, to deter many of those criminal actions. 24Cf. Rakoff, supra note 18 (arguing that criminal liability should be imposed if the Great Recession arose from “fraudulent practices, of dubious mortgages portrayed as sound risks and packaged into ever more esoteric financial instruments, the fundamental weaknesses of which were intentionally obscured”). There is no indication, for example, of a decline in personal criminal prosecutions of financial fraud. 25Cf. Holder, supra note 18 (“Between 2009 and 2013, the Justice Department charged more white-collar defendants than during any previous five-year period going back to at least 1994.”). There is a related inquiry that is beyond the scope of this Article: whether certain types of financial fraud cases are becoming difficult to criminally prosecute because their complexities undermine the ability of prosecutors to prove guilt beyond a reasonable doubt. For more information on the failed securities-fraud criminal case against two Bear Stearns hedge fund managers that may exemplify this type of case, see infra note 81 and accompanying text. Attorney General Holder observes thatwhen it comes to more complex transactions that involve more sophisticated traders—as opposed to run-of-the-mill “liar loan” cases or out-and-out Ponzi schemes—a criminal prosecution of an individual can be difficult, more complicated, to mount. This is true for any number of reasons—from possible advice-of-counsel defenses; to the adequacy or inadequacy of written disclosures; to the difficulty to establish materiality and intent. And in some instances, it is simply not possible to establish knowledge of a particular scheme on the part of a high-ranking executive who is far removed from a firm’s day-to-day operations.This has been a source of frustration for the public for a long time.Holder, supra note 18.

This Article begins by analyzing why, post-financial crisis, prosecution has focused so heavily on firm-level liability and not personal liability. To that end, Part I examines changes in financial firms and markets, changes in law’s intersection with finance, and changes in prosecutorial behavior that may be impeding the imposition of personal liability for excessive corporate risk taking. In that context, it also examines what “excessive” corporate risk taking should mean in a world of increasing systemic risk.

Part II next analyzes whether more should be done to impose personal liability for excessive corporate risk-taking. It begins by examining whether firm-level liability is sufficient to control and internalize the costs of that risk taking. Thereafter, it examines whether firm-level liability is efficient to control and internalize those costs.

Finally, Part III explores what more could be done to impose personal liability in light of the aforesaid changes, without undermining broader economic progress. In that context, it proposes, among other things, a public governance duty under which a systemically important firm’s managers should be required to run the firm as agents not only for the investors but also for the public, and also should be personally liable if they breach that duty—just as they are now personally liable if they breach their governance duty to investors. Consistent with the view that optimal regulation should include flexibility in choosing different forms of public control, 26See infra notes 137–39 and accompanying text. This Article does not examine all forms of optimal regulation that could limit excessive risk-taking or its systemic consequences; its scope is limited to regulation that imposes personal liability to deter excessive risk-taking. Thus, the Article does not consider, for example, whether to break up systemically important firms. I am, however, separately comparing regulation that imposes personal liability to deter excessive risk-taking with other forms of regulation. See infra note 142. Part III also considers personal liability imposed indirectly by law, such as narrowing the limited liability protection of certain shareholding managers to reduce moral hazard.

I. Changes Impeding the Imposition of Personal Liability

This Part examines changes that may be impeding the imposition of personal liability for excessive corporate risk-taking, in order to understand why the post-financial crisis prosecution has focused so heavily on firm-level liability. The examination focuses first on changes in financial firms and markets, then on changes in law’s intersection with finance, and finally on changes in prosecutorial behavior.

A. Changes in Firms and Markets

1. Systemic Risk Is Complicating What Constitutes “Excessive” Risk Taking

The financial crisis has raised concern over excessive corporate risk taking. 27See Fin. Crisis Inquiry Comm’n, supra note 3, at xvii–xix; Hurt, supra note 22, at 254–57 (observing that most of the actions leading to the financial crisis represented excessive corporate risk-taking); Lew, supra note 3. The increasingly competitive and complex global economy, however, requires firms to take greater risks to innovate and create economic value. 28Cf. Gabriel Jiménez, Jose A. Lopez & Jesús Saurina, How Does Competition Impact Bank Risk-Taking? 2 (Fed. Reserve Bank of S.F. Working Paper Series, Paper No. 2007-23, 2007), (arguing that increasing competition among banks increases the need to engage in risk-taking: “Competition [in banking] should . . . encourage [banks] to pursue riskier policies in an attempt to maintain [their] former profits”). Unsophisticated attempts to curtail risk-taking could inadvertently destroy that value. 29See Eduardo Porter, Recession’s True Cost Is Still Being Tallied, N.Y. Times (Jan. 21, 2014), (observing that regulations that require financial institutions to increase capital cushions to buffer against risks and potential losses have been criticized for cutting into global economic output and reducing jobs). It therefore is critical to be able to distinguish appropriate from excessive risk-taking.

Until the financial crisis, it seemed relatively easy to make that distinction by taking into account the consequences of corporate risk-taking. Most observers assumed that a firm’s failure would primarily, if not exclusively, harm its investors. 30Hurt, supra note 22, at 290 (“If excessive risk-taking harms anyone, it is the shareholder.”); cf. Robert T. Miller, Oversight Liability for Risk-Management Failures at Financial Firms, 84 S. Cal. L. Rev. 47, 110 (2010) (observing and expanding that traditional view by listing four different ways in which financial risks can be excessive, one them being risks in excess of the shareholders’ risk tolerance). Accordingly, corporate risk-taking was assessed—and therefore “excessive” risk-taking was implicitly defined—by its potential impact on those investors, typically focusing on the tension between risk seeking shareholders and more risk-averse creditors. 31See, e.g., Steven L. Schwarcz, Rethinking a Corporation’s Obligations to Creditors, 17 Cardozo L. Rev. 647, 679 (1996). Shareholders tend to be risk-seeking because they typically benefit fully from an increase in a firm’s value but only partially are harmed by a decrease. Creditors tend to be more risk-averse because they typically do not benefit from an increase in a firm’s value and are harmed by a fall in the firm’s value that causes insolvency. Id. at 674. In most circumstances, 32The exception is a firm’s insolvency, and arguably also its “contingent insolvency,” when the firm’s creditors effectively become senior residual equity claimants. See Schwarcz, supra note 31, at 671–72 (explaining this and defining contingent insolvency). the interests of shareholders would trump those of creditors, who nonetheless could try to bargain to protect their (risk-averse) interests through contractual covenants in their loan agreements. 33Id. at 651 & n.12. The responsibilities of a firm’s managers, who run the firm as agents for the investors, to engage in corporate risk-taking were therefore primarily driven by shareholder interests. Moreover, the enforcement of those responsibilities was delegated to privately enforced rights, 34See infra note 139 and accompanying text (discussing public control through privately enforced rights). through such means as shareholder derivative suits. 35Hurt, supra note 22, at 258–59; e.g., Miller, supra note 30, at 89–90. Other private remedies are available too, including the ability of investors to sell their securities and to cause poor managers to be removed. Hurt, supra note 22, at 258.

Systemic risk—in this context, the risk that a financial firm’s failure will impact other financial firms or markets, resulting in a domino-type collapse that ultimately harms the real economy 36Cf. Steven L. Schwarcz, Systemic Risk, 97 Geo. L.J. 193, 204 (2008) (defining systemic risk). The “real economy” means the economic reality, such as a recession, that people actually experience. —is complicating corporate risk taking and intensifying the consequences of corporate failure. By creating ambiguity about what amount of risk-taking is “excessive,” systemic risk confuses even corporate law experts about when to penalize risk-taking that causes a firm to fail. 37See, e.g., Wulf A. Kaal & Richard W. Painter, Initial Reflections on an Evolving Standard: Constraints on Risk Taking by Directors and Officers in Germany and the United States, 40 Seton Hall L. Rev. 1433, 1438, 1441, 1465 (2010) (observing the controversy over “whether there is any such thing as excessive risk, and if so, how excessive risk is to be defined”). There are two sources of confusion, one semantic, the other substantive. The semantic source of confusion stems from emotionally laden terminology—the tendency of the public and the media to characterize risk-taking corporate managers as wrongdoers if their firm fails. 38See infra notes 131–36 and accompanying text. Another factor causing this confusion is that, because the law increasingly lags financial innovation, many actions taken by financial firms will not be illegal when taken although they may later become illegal. See infra notes 54– 56 and accompanying text. To mitigate this confusion, this Article will limit the term “wrong” to an action that violates law. Thus, a manager that causes a firm to engage in risk-taking will not, for purposes of this Article, be acting wrongfully (or be a wrongdoer) if such risk-taking does not violate law. 39Cf. infra notes 131–36 and accompanying text (observing that economic harm is not always caused by wrongdoers).

The substantive source of confusion is that the failure of a “systemically important” firm 40This Article’s analysis is not limited to banks or even to financial firms generally. Rather, it should apply to any type of firm whose failure could have systemic consequences. The United States and other foreign governments are currently grappling with how to define those types of firms. Cf. Daniel Schwarcz & Steven L. Schwarcz, Regulating Systemic Risk in Insurance, 81 U. Chi. L. Rev. 1569, 1580–84 (2014) (discussing the criteria of interconnectedness, substitutability, and size that governments are using to define systemically important firms). can harm not only its investors but also, by triggering a systemic collapse, the public at large. 41Miller, supra note 30, at 109–10 (observing that when different types of “excessive risk” are distinguished, the type that may have been the actual cause of the financial crisis may be different from the type used to justify imposition of personal liability); Schwarcz, supra note 36, at 206 (observing that harm to the real economy hurts the public). Current law does not require firms to fully internalize that cost. 42Cf. Viral Acharya et al., How to Measure and Regulate Systemic Risk, NYU Leonard N. Stern Sch. Bus., 1, 4, (arguing that current financial regulation does not provide the incentives to internalize negative externalities) (last visited Nov. 1, 2015). As a result, a firm may well decide to engage in a transaction that is expected to be profitable—thereby favorable to its investors and thus appropriate corporate risk-taking under existing corporate governance law—even though doing so could increase systemic risk. That’s because much of the harm from a resulting systemic collapse would be externalized onto other market participants as well as onto ordinary citizens impacted by an economic collapse. 43Schwarcz, supra note 36, at 206. The collapse of Lehman Brothers illustrates this. Lehman Brothers had engaged in highly profitable, but also high-risk and high-leverage, business strategies. The financial stresses caused by “defaults in the subprime mortgage and commercial real estate markets” then caused Lehman Brothers to default, roiling financial markets and threatening the entire U.S. economy with collapse. Edward J. Estrada, The Immediate and Lasting Impacts of the 2008 Economic Collapse—Lehman Brothers, General Motors, and the Secured Credit Markets, 45 U. Rich. L. Rev. 1111, 1115 (2011). This could be described as a type of “tragedy of the commons,” 44Miller, supra note 30, at 117 (describing this as “an example of a well-understood type of collective action problem—a tragedy of the commons”); see also Schwarcz, supra note 36, at 206. insofar as market participants suffer from the actions of other market participants. 45Steven L. Schwarcz, Controlling Financial Chaos: The Power and Limits of Law, 2012 Wis. L. Rev. 815, 821. But it also is a more standard externality insofar as non-market participants, such as the ordinary citizens impacted by an economic collapse, suffer from the actions of market participants. 46Id.

Whatever one calls this cost, neither firms nor their investors have a clear duty to the public to internalize it. 47Creditors, for example, still try to protect their (risk-averse) interests through contractual covenants, but those covenants do not purport, and are not required, to protect against systemic risk. Indeed, nobody is speaking for the public’s interest in avoiding systemic harm when firms engage in corporate risk-taking. That voice needs to be heard as part of the determination of whether corporate risk-taking is excessive. 48Cf. Miller, supra note 30, at 109–10 (arguing that the difficulty of imposing personal liability for excessive risk-taking stems from the fact that there are various meanings of excessive risk, including “excessive systemic risk, that is, risk in excess of what can be socially justified”). Part III examines how that could be done. 49See infra Part III.A.

2. Decision-Making is Becoming More Decentralized

Another reason for the decline of personal liability may be the increasingly decentralized nature of decision-making at large financial services firms, which makes it difficult to assign personal liability for excessive risk-taking. Senior executives do not even get involved in the design of potentially risky financial products, such as collateralized debt obligations (CDOs). 50CDOs are asset-backed securities that are backed by—and thus their payment derives principally or entirely from—a mixed pool of mortgage loans, other financial assets owned by a special-purpose entity, or both. Steven L. Schwarcz, Protecting Financial Markets: Lessons from the Subprime Mortgage Meltdown, 93 Minn. L. Rev. 373, 376 (2008). By using CDOs as an example, I am not suggesting that designing a CDO is inherently bad, much less illegal. In my experience, if the financial assets backing a CDO are diversified loan obligations, the CDO’s securities may well be a prudent investment. Greater risk can arise, however, where those financial assets themselves consist of already leveraged asset-backed securities (ABS) or derivatives (such as credit–default swaps). Id. at 376–77, 376 n.19. CDO transactions involving financial assets consisting of ABS or derivatives are sometimes referred to as “resecuritizations” or ABS CDO transactions—the latter term referring to a CDO of ABS. Id. at 376–77. An ABS CDO transaction backed by derivatives is sometimes also referred to as a “synthetic” transaction. Id. at 376 n.19.

Former Attorney General Holder has intimated that this decentralized decision-making is intended to protect managers from personal liability: “corporations are structured to blur lines of authority and prevent responsibility for individual business decisions from residing with a single person.” 51Holder, supra note 18. In reality, though, it may well be intended to maximize corporate efficiency and innovation. Decentralization is said to have “three general benefits: (1) it encourages motivation and creativity; (2) it allows many minds to work simultaneously on the same problem; and (3) it accommodates flexibility and individualization.” 52Thomas W. Malone, Making the Decision to Decentralize, Harv. Bus. Sch.: Working Knowledge (Mar. 29, 2004), ; cf. Chris Joseph, The Advantages of a Decentralized Organizational Structure, Hous. Chron., (last visited Nov. 1, 2015) (arguing that decentralization empowers employees, creates more efficient decision-making, and eases the burden of expansion). Business scholars also argue that decentralized decision making is necessary in a globalized economy, providing firms with “the much needed flexibility to deal with rapidly changing market conditions.” 53Panos Mourdoukoutas, Business Strategy in a Semiglobal Economy 125 (2006).

Whatever the intention, a side effect of decentralized decision-making is to make it more difficult to assign risk-taking responsibility, and thus to impose personal liability for excessive risk-taking.

B. Changes in Law’s Intersection with Finance

Changes in how the law intersects with finance may also be impeding the imposition of personal liability for excessive risk-taking.

1. The Law Increasingly Is Lagging Financial Innovation

One such change is that, as the financial industry and financial products become more complex, the law increasingly lags financial innovation. 54See, e.g., Erik F. Gerding, Law, Bubbles, and Financial Regulation 500 (2014). Gerding stated thatanother persistent challenge to financial regulators . . . [is] keeping up with the pace of private sector financial innovation. The rapid development of new financial instruments, transactions, and markets confounds the ability of regulators to understand the true purpose behind these inventions . . . let alone to spot systemic and other risks.Id.; Eric J. Pan, Understanding Financial Regulation, 2012 Utah L. Rev. 1897, 1934 (“Regulators must manage complexity. The development of new financial products stresses the capacity of regulators to keep up and understand how to regulate these instruments.”); Steven L. Schwarcz, Regulating Complexity in Financial Markets, 87 Wash. U. L. Rev. 211, 240 (2009). Even when regulators acquire industry information, it may be of only limited relevance to the current situation. 55Cf. Henry T.C. Hu, Misunderstood Derivatives: The Causes of Informational Failure and the Promise of Regulatory Incrementalism, 102 Yale L.J. 1457, 1499 (1993) (arguing that regulators cannot keep up with the development of complex derivatives products because of the time lag); Edward J. Kane, Hair of the Dog that Bit Us: The Insufficiency of New and Improved Capital Requirements 6 (Aug. 11, 2014) (unpublished manuscript), (“In the metagame of controlling regulation-induced risk-taking, regulators are outcoached, outgunned, and always playing from behind.”). That time lag goes to information acquisition—in other words, the lag in regulators obtaining information. The increasing income disparity, now more than two-to-one, between financial industry employees and their government regulatory counterparts may even be lengthening the time lag by making it more difficult for financial regulators to understand and process complex information once obtained. 56See generally Steven L. Schwarcz, Intrinsic Imbalance: The Impact of Income Disparity on Financial Regulation, 78 Law & Contemp. Probs. 97 (2015) (discussing how income disparity, coupled with the complexity of financial products and markets, creates “information asymmetry” between regulators and the industry).

Whatever is causing the time lag, it is real—and many risky actions by financial firms will not be illegal when taken. Therefore, the executives who determine and manage those actions will not be acting illegally at the time.

2. Systemic Harm Is Limiting Proof of Causation

Another change impeding the imposition of personal liability for excessive risk-taking is that the primary harm now caused by financial failure—systemic harm—limits the application of tort law. Tort law, which is part of what Richard Posner calls public control through the common law system of privately enforced rights, 57See infra note 139 and accompanying text. has long been a fundamental tool to impose personal civil liability to remedy harm for unreasonable risk-taking. 58See, e.g., Franklin A. Gevurtz, The Role of Corporate Law in Preventing a Financial Crisis: Reflections on In re Citigroup Inc. Shareholder Derivative Litigation, 23 Pac. McGeorge Global Bus. & Dev. L.J. 113, 127 (2010) (observing that the concept of “[i]mposing liability to pay the damages resulting from unreasonable risks . . . . is a pillar of tort law”). Its utility is limited, however, to remedying foreseeable harm. 59Steven L. Schwarcz, The Governance Structure of Shadow Banking: Rethinking Assumptions About Limited Liability, 90 Notre Dame L. Rev. 1, 22 (2014). But systemic harm is rarely foreseeable. 60Id.

Systemic harm instead affects a wide range of third parties in unpredictable ways. Consider, for example, an individual who is forced to close her family owned restaurant during a systemically caused recession. Or taking a more concrete example from the financial crisis, consider whether to impose tort liability on a manager of a financial firm who, in the expectation of a bonus, sells risky ABS CDO securities 61See supra note 50 (explaining ABS CDO securities). to investors, contributing to that crisis. Tort law could not—and probably should not—be used to impose personal liability on that manager for the resulting systemic harm. 62Arguably, another example of a change in the intersection of law and finance that is impeding the imposition of personal liability might be that regulatory coordination is diminishing. Financial regulators sometimes attempt to coordinate their efforts in order to increase effective regulation and decrease duplication. U.S. Gov’t Accountability Off., GAO-12-151, Dodd-Frank Act Regulations: Implementation Could Benefit from Additional Analyses and Coordination 20 (2011). Professor Utset argues, for example, that a regulatory agency may delay imposing personal liability for financial wrongdoing due to a mistaken belief that another agency will. Manuel A. Utset, Rational Financial Meltdowns, 10 Hastings Bus. L.J. 407, 430–31 (2014). This coordination problem is especially problematic where multiple agencies—such as the SEC, the Consumer Financial Protection Bureau (CFPB), and the DOJ—have jurisdiction. See id. Therefore, this coordination problem will ultimately lead to under-enforcement if each of the agencies mistakenly believes that another agency is taking care of the problem. Id. The problem with this example is that, in response to the financial crisis, the Dodd–Frank Act requires the Financial Stability Oversight Council (FSOC) to “facilitate interagency coordination by facilitating information sharing and coordination among its member agencies and other federal and state agencies on the development of financial services policy, rulemaking, examinations, reporting requirements, and enforcement actions.” U.S Gov’t Accountability Off., supra at 21 (citing 12 U.S.C. § 5322(a)(2)(E)). Therefore, even if regulatory coordination was diminishing prior to the financial crisis, it now is likely to increase.

In contrast, tort law might be more effective in internalizing systemic harm when applied to firms, rather than individuals. 63Recall that tort law constitutes public control through privately enforced rights. See infra note 139 and accompanying text. Another reason that tort law might be more effective in internalizing systemic harm when applied to firms, rather than individuals, is that “the notion of risk in torts is very different from the notion of risk in finance.” Miller, supra note 30, at 122. Civil damages can be imposed on firms for “all harms, regardless of foreseeability, under the allocation-of-resources justification of enterprise liability.” 64Steven L. Schwarcz & Lucy Chang, The Custom-to-Failure Cycle, 62 Duke L.J. 767, 789–90, 789 n.108 (2012) (citing Guido Calabresi, Some Thoughts on Risk Distribution and the Law of Torts, 70 Yale L.J. 499, 529 (1961)). The reasoning behind enterprise liability is “that prices should reflect the ‘actual costs’ of goods so as to allow purchasers to make informed decisions.” 65Id. at 789. Therefore, “‘the cost of injuries should be borne by the activities which caused them,’ regardless of fault, because injuries represent a ‘real cost’ of those activities.” 66Id. Further, “[f]oreseeability is irrelevant under enterprise liability because unforeseeable harms are ‘just as truly costs’ of doing business as foreseeable harms.” 67Id. at 789–90.

C. Changes in Prosecutorial Behavior

Changes in prosecutorial behavior may also be impeding the imposition of personal liability for excessive risk-taking. The analysis below first examines the impact of prosecutors becoming more risk averse, arguing that is unlikely to be an impediment. Thereafter, the analysis examines the impact of a diminishment in prosecutorial resources, arguing that this diminishment is more clearly an impediment to the imposition of personal liability. 68Judge Rakoff suggests that there is another reason why changes in prosecutorial behavior may be impeding the imposition of personal liability: the reluctance to prosecute may partly derive from the federal government’s own role in inadvertently triggering the financial crisis, including de-regulation, lax banking oversight, keeping interest rates low, and the encouragement of subprime lending to provide housing for low-income people. See Rakoff, supra note 24. Any such reluctance, however, should logically apply not only to imposing personal liability but also to imposing firm-level liability.

1. Awareness of Adverse Consequences Is Creating Risk Aversion

The increased awareness that a prosecution can have adverse economic consequences is creating prosecutorial risk aversion. As explained below, however, that risk aversion should not be relevant to imposing personal liability.

The seminal event triggering awareness that a prosecution can have adverse economic consequences was the 2002 criminal prosecution and conviction of accounting giant Arthur Andersen, which resulted in the firm’s demise and the loss of tens of thousands of jobs. 69United States v. Arthur Andersen, LLP, 374 F.3d 281 (5th Cir. 2004) (affirming the trial court’s conviction of Arthur Andersen for obstruction of justice for destroying Enron’s documents after the government commenced its investigation of Enron’s accounting), rev’d, Arthur Andersen, LLP v. United States, 544 U.S. 696 (2005); Jesse Eisinger, The Fall Guy: There’s a Reason Only One Top Banker Went to Jail for the Financial Crisis, N.Y. Times Mag., May 4, 2014, at 34. Ironically, this conviction was overturned by the Supreme Court in 2005 because the trial court erred by granting the government’s request to loosen the standard jury instructions. Andersen, 544 U.S. 696. At a Senate Judiciary Committee hearing on March 6, 2013, then-Attorney General Eric Holder told lawmakers that prosecuting financial crimes could have a negative economic impact, and that this concern has impacted prosecutorial decisions. 70Randall W. Forsyth, Too Big to Jail, Barron’s, March 11, 2013, at 5. Attorney General Holder expressed concerns that “if you do prosecute, if you do bring a criminal charge, it will have a negative impact on the national economy, perhaps even the world economy.” Id. Holder later said his comments were misconstrued. In a weekly video address, he promised aggressive enforcement, saying that there was no such thing as “too big to jail,” clarifying that enforcement should be coupled with consultation with regulators to avoid broader economic impacts. The Justice Department, No Company or Individual Is Too Big to Jail, YouTube (Oct. 15, 2014), . Similarly, Assistant Attorney General Lanny Breuer has publicly observed that the Justice Department is presented with arguments from defense counsel, senior executives, and economists that an indictment could cause a bank to fail, innocent employees to lose jobs, shareholders to suffer, and the health of entire industries and global markets to be impacted—and that he finds some of these arguments convincing. 71Lanny A. Breuer, Assistant Att’y Gen., U.S. Dep’t. of Justice Criminal Div., Address at the New York City Bar Association: The Role of Deferred Prosecution Agreements in White Collar Criminal Law Enforcement (Sept. 13, 2012), .

Whether the potential for adverse economic consequences should make prosecutors risk averse when imposing firm-level liability, 72The precedents cited go to firm-level criminal liability, sometimes referred to as “too big to jail.” I later discuss firm-level civil liability. See infra Part II. it should not make them risk averse when imposing personal liability. Prosecuting individuals should be far less likely to cause adverse economic consequences than prosecuting firms because the former is much less likely to cause a firm’s demise. This raises all the more the question of why the trend is to impose firm-level, and not personal, liability. 73Professor Levitin raises other possible explanations for prosecutorial risk aversion. One is the “deep personal, cultural, financial and political ties” between the administration and Wall Street as well as a “fear that the Obama administration would be accused of an anti-business witch hunt if it went after Wall Street.” Joe Nocera, Opinion, The Hole in Holder’s Legacy, N.Y. Times (Sept. 29, 2014), (quoting Professor Levitin in a personal email to the author). Again, this explanation fails to account for the move to prosecute firms rather than individuals. Another explanation Nocera advances for prosecutorial risk aversion is “a lack of understanding of the products and markets involved.” Id. At least part of the answer, as explained below, is the diminishment in prosecutorial resources.

2. Shrinking of Resources Is Tightening Risk-Reward Assessment

Like everyone else, prosecutors have limited resources. 74See, e.g., Michael Edmund O’Neill, When Prosecutors Don’t: Trends in Federal Prosecutorial Declinations, 79 Notre Dame L. Rev. 221, 224 (2003) (“Scarce resources . . . dictate that prosecutors will be unable to pursue each matter that is placed upon their desk for consideration.”); cf. Adam M. Gershowitz & Laura R. Killinger, The State (Never) Rests: How Excessive Prosecutorial Caseloads Harm Criminal Defendants, 105 Nw. U. L. Rev. 261, 264 (2011) (“Because they are overburdened, prosecutors—who are sworn to achieve justice, not to win at all costs—lack the time and resources to carefully assess which defendants are most deserving of punishment.”). Gershowitz and Killinger further explain that “[o]verburdened prosecutors who lack the time to thoroughly investigate cases, subpoena witnesses, meet with experts, and complete a host of other tasks will find themselves disadvantaged at trial. Guilty defendants who should be convicted go free because prosecutors lack the time and resources necessary to win at trial.” Id. at 265; cf. Utset, supra note 62, at 429 (arguing that regulators delay monitoring and disciplining financial institutions because of budgetary limitations). Post September 11, 2001, a number of government agencies that previously investigated the financial industry lost some of their resources to anti-terrorism investigations. 75Rakoff, supra note 18, at 6. Judge Rakoff observes thatbefore 2001, the FBI had more than one thousand agents assigned to investigating financial frauds, but after September 11 many of these agents were shifted to antiterrorism work. Who can argue with that? Yet the result was that, by 2007 or so, there were only 120 agents reviewing the more than 50,000 reports of mortgage fraud filed by the banks.Id. Moreover, after the Madoff fraud, the SEC attempted to “deflect criticism from its failure to detect” that fraud by concentrating on Ponzi-like schemes, thereby further diverting resources that would have been available for prosecuting other types of financial failures. 76Id.

Prosecutors are thus under increasing pressure to spend their resources for maximum impact. Logically, they will choose the prosecutorial routes that, for the money spent, best balances risk and reward. Outside of clear-cut fraud cases, that route often involves pursuing firms—which are more likely to settle as a cost of doing business 77See supra notes 10–11 and accompanying text. — not individuals. 78See text accompanying notes 1–6.

Pursuing individuals can be very costly. Prosecutors will often have to start their investigation by ferreting out and gathering basic information and evidence, which can take months if not years of work. 79See Urska Velikonja, Leverage, Sanctions, and Deterrence of Accounting Fraud, 44 U.C. Davis L. Rev. 1281 (2011) (arguing that wrongdoing insiders are rarely sanctioned due to prohibitive costs and managers’ control of discovering individual identities and actions of this information); Eisinger, supra note 69, at 34. The rate of successful prosecutions is also low, perhaps in part due to a self-reinforcing trend: as prosecutors spend less time engaged in actual litigation, their trial skills can diminish. 80Nocera, supra note 73 (“[O]ver the years, the [U.S.] Justice Department saw ‘an erosion of the department’s actual trial skills.’” (quoting Eisenger, supra note 69, at 34)). Thus, a prominent commentator argues that recent changes, focusing on reaching settlements, in the Justice Department’s approach to white collar crime has diminished that Department’s expertise to litigate and win trials involving financial complexity, particularly against top-notch law firms representing defendants. 81Eisinger, supra note 69. In the Justice Department’s single foray into bringing a criminal case against individuals involved in the financial crisis, the two accused Bear Stearns hedge fund managers were acquitted. Amir Efrati & Peter Lattman, U.S. Loses Bear Fraud Case, Wall St. J., Nov. 11, 2009, at A.1, http://www.wsj.com/articles/SB125788421912541971. Jurors found there was no evidence of criminal intent beyond a reasonable doubt, with one juror saying that the prosecution had not provided enough information. Id.; cf. Zaring, supra note 4, at 1441 (arguing that the lack of prosecutions following the financial crisis is due, in part, to the government’s belief that these cases are too difficult to win).

Juries may also be reluctant to hold individuals liable, even for monetary damages. 82Recall that this Article focuses on civil personal liability. Cf. supra notes 20–23 and accompanying text (explaining this limited focus). The SEC, for example, brought federal securities law civil actions against Citigroup Global Markets, Inc. 83SEC v. Citigroup Global Capital Mkts., 827 F. Supp. 2d. 328, 329 (S.D.N.Y. 2011), vacated, 752 F.3d 285 (2d Cir. 2014). and Brian Stoker, 84SEC v. Stoker, 865 F. Supp. 2d 457 (S.D.N.Y. 2012). the executive principally responsible for structuring and marketing securities of a risky and highly complex synthetic ABS CDO transaction, backed by credit–default swaps on other CDOs whose value was tied to the U.S. housing market. 85Cf. Schwarcz, supra note 50 (explaining ABS CDO transactions). The SEC alleged, among other things, that $500 million of the assets included in the ABS CDO had been falsely marketed to investors as having been selected by a third party, using the third party’s proprietary selection process, and that the marketing materials failed to disclose that Citigroup separately bet against those assets. Stoker, 865 F. Supp. 2d at 462. Following a two-week trial, a jury found Stoker not liable. 86Peter Lattman, A Jury’s Message for Wall Street, N.Y. Times, Aug. 4, 2012, at B1, http://query.nytimes.com/gst/fullpage.html?res=9C04EED71739F937A3575BC0A9649D8B63. The jury apparently did not want to make Stoker a scapegoat. 87Id. (quoting the jury foreman as wondering why Citigroup’s CEO wasn’t on trial). The jury also issued the following statement, which was read by presiding Judge Rakoff: “This verdict should not deter the S.E.C. from investigating the financial industry, to review current regulations and modify existing regulations as necessary.” Peter Lattman, Jury Clears Ex-Manager at Citigroup in Debt Case, N.Y. Times, Aug. 1, 2012, at B1, http://query.nytimes.com/gst/fullpage.html?res=9A0DE5DD1230F932A3575BC0A9649D8B63; see also Marian Wang, Why No Financial Crisis Prosecutions? Ex-Justice Official Says It’s Just Too Hard, ProPublica (Dec. 6, 2011, 3:08 PM), .

At least in part because of these costs, personal liability is now rarely pursued in complex financial cases, and, when it is, it is primarily through civil settlements that do not admit wrongdoing. In March 2014, for example, former Bank of America chief executive, Kenneth Lewis, settled a civil prosecution regarding an alleged failure to disclose increasing losses at Merrill Lynch & Co. prior to its acquisition. 88James Sterngold, Dan Fitzpatrick & Nick Timiraos, BofA, Ex-CEO Lewis Settle Crisis-Era Suits, Wall St. J. (Mar. 26, 2014, 7:24 PM), . The settlement required Lewis to pay $10 million and accept a three-year ban from working at any public company, but it did not require him to admit any wrongdoing. 89Id.

In contrast to the hurdles involved in pursuing personal liability, prosecutors pursuing firm-level liability have a clearer and easier path. Generally, they start by inviting the company’s counsel to discuss the possibility of an investigation. 90Rakoff, supra note 18. Such counsel will ask the prosecutors to defer the investigation until counsel does an internal investigation; in return, the company will share the results of its investigation with the prosecutors. 91Id. After sharing those results, the company and the prosecutors will decide what mistakes were made and—sometimes memorialized through a deferred prosecution agreement 92See infra notes 96–99 and accompanying text. —how the company will avoid those mistakes in the future. 93Rakoff, supra note 18. Although the executives are not prosecuted, future mistakes will, hopefully, be prevented, and the government will save on time and resources. 94But see Rakoff, supra note 18. Even tort law might be more effective, as discussed, when applied to firms rather than to individuals. See Schwarcz & Chang, supra note 64; see also Miller, supra note 30, at 122.

II. Should More Be Done to Impose Personal Liability?

The discussion so far has shown that changes in firms and markets, in the intersection of law and finance, and in prosecutorial behavior are creating real impediments to the imposition of personal liability for excessive risk-taking. These impediments include confusion about what risk-taking is excessive; the increasingly decentralized nature of decision-making at large financial services firms, which makes it difficult to assign personal liability; heightened complexity, which causes the law increasingly to lag financial innovation; and shrinking resources, which increase pressure on prosecutors to spend for maximum impact and, in turn, motivates them to often pursue firms, not individuals. Anything more that is done to impose personal liability would have to avoid these impediments.

This Part examines whether, at least in theory, more should be done to try to impose personal liability for excessive corporate risk-taking. The examination first considers whether firm-level liability is sufficient to control and internalize the costs of that risk-taking. Thereafter, it considers whether firm-level liability can efficiently control and internalize those costs. These inquiries show that firm-level liability may well be insufficient, and almost certainly will be inefficient, to control and internalize those costs. Part III of this Article then explores what more could be done, given the aforesaid impediments, to impose personal liability.

A. Is Firm-Level Liability a Sufficient Deterrent?

Recall that firm-level liability is a second-best deterrent because firms are managed by individuals. 95See supra notes 12–14 and accompanying text. Many nonetheless view firm-level liability as a valuable deterrent when it is imposed through deferred prosecution agreements (DPAs). 96A DPA is a contractual arrangement between a firm and the government that enables the firm to avoid prosecution in return for agreeing to act responsibly in the future. See Wulf A. Kaal & Timothy A. Lacine, The Effect of Deferred and Non-Prosecution Agreements on Corporate Governance: Evidence from 1993–2013, 70 Bus. Law. 61, 63 (2015). In a typical DPA, the government “imposes sanctions, such as fines, restitution, and institutional changes,” or imposes particular reporting duties. Id. If (as applicable) the firm observes those sanctions, pays the fines and restitution, makes the requested changes, and provides the reporting, it can avoid prosecution. Id. This Article uses the more common term, DPA, to also include a non-prosecution agreement (NPA). Technically, a DPA refers to an arrangement that dismisses filed charges and an NPA refers to an arrangement not to file charges in the first place. Id. Former Assistant Attorney General Breuer has argued, for example, that firm-level DPAs can bring large settlements and oversight that can have great punitive and deterrent effect. 97See Breuer, supra note 71. He explains that a deferred prosecution agreement is a powerful tool because

when a company enters into a DPA with the government, . . . it almost always must acknowledge wrongdoing, agree to cooperate with the government’s investigation, pay a fine, agree to improve its compliance program, and agree to face prosecution if it fails to satisfy the terms of the agreement. All of these components of DPAs are critical for accountability. 98Id.

Professor Arlen also observes that a DPA can incentivize firms to monitor, police, and deter crime by creating or improving internal compliance programs under the threat of firm-level sanctions. 99Jennifer Arlen, Corporate Criminal Liability: Theory and Evidence, in Research Handbook on the Economics Criminal Law 144, 169 (Alon Harel & Keith N. Hylton eds., 2012); cf. Kaal & Lacine, supra note 96, at 62, 119 (arguing that deferred and non-prosecution agreements have increased substantially in recent years and have led to broad changes and improvements to corporate governance).

But the fact that firm-level liability in the form of DPAs can be a valuable deterrent does not prove it is a sufficient deterrent. Some question whether DPAs provide adequate sanctions. 100See, e.g., Mike Koehler, The Foreign Corrupt Practices Act Under the Microscope, 15 U. Pa. J. Bus. L. 1, 19 (2012) (“[DPAs] allow egregious instances of corporate conduct to be resolved too lightly. Because the government does not file actual charges to which a company must plead, such conduct is often resolved without adequate sanctions and without achieving maximum deterrence.”). Others question whether firms always comply with them. Professor Brandon Garrett has found, for example, that since 2001 at least eight large banks have continued to engage in actions prohibited by the DPAs. 101Brandon L. Garrett, Recidivist Banks, Brandon L. Garrett (Oct. 30, 2014), . Garrett further observes that the DPAs implemented from 2001 to 2012 have been largely ineffective due, in part, to fines that have lacked any meaningful impact. Brandon L. Garrett, Too Big to Jail: How Prosecutors Compromise With Corporations 67–70 (2014). DPAs also have failed to require companies to assess the effectiveness of compliance programs, and there have been very few monitors overseeing such agreements:[T]he more I have examined how prosecutors have actually implemented the [DPA] approach, the more troubled I have become. Prosecutors allow many large companies to avoid an indictment or a conviction, largely freeing them from judicial oversight . . . .. . . The terms of these agreements often lack any rigorous structural reforms. Most did require the creation of some kind of compliance program (63 percent, or 160 of 255 agreements), but only a quarter called for independent monitors to supervise compliance, and fewer required evaluating the effectiveness of compliance. . . . The agreements were short-lived, lasting for an average of just over two years. It is doubtful that a large company’s culture can be reformed in so little time. Despite the genuine ambition of the new approach, reading the terms of these agreements tells us something quite unsettling about how large corporate prosecutions are actually resolved.Id. at 47–48. And recent media articles are reporting that several major financial institutions are being reinvestigated for possible DPA violations. 102See, e.g., Ben Protess & Jessica Silver-Greenberg, Repeat Offenses Are Suspected on Wall Street, N.Y. Times, Oct. 30, 2014, at A1. For example, prosecutors in Washington and New York are investigating whether the British bank, Standard Chartered, repeatedly violated a DPA entered into as part of a 2012 settlement over accusations that it transferred billions of dollars to nations blacklisted by the United States. Id. As Protess and SilverGreenberg point out, “The cycle of misbehavior is difficult to break. Regulators and prosecutors blame a culture that prioritizes profit over compliance. And as banks have grown larger, and more international, illegality can stop in one unit of a bank even as it flourishes in another.” Id.

Most germane to this Article, it is uncertain whether prosecutors would attempt—and if they did, whether they legally would have the right—to apply DPAs to deter excessive corporate risk-taking, even risk-taking that results in systemic harm. DPAs are normally applied only to deter crime and other illegal actions. 103See, e.g., U.S. Gov’t Accountability Off., GAO-10-110, Corporate Crime: DOJ Has Taken Steps to Better Track Its Use of Deferred and Non-Prosecution Agreements, but Should Evaluate Effectiveness 2 (2009) (“DOJ views DPAs and NPAs as appropriate tools to use in cases where the goals of punishing and deterring criminal behavior, providing restitution to victims, and reforming otherwise law-abiding companies can be achieved without criminal prosecution.”); cf. Jed S. Rakoff, Justice Deferred Is Justice Denied, N.Y. Rev. Books (Feb. 19, 2014), (observing that the “intellectual origins” of DPAs “can be traced back at least to the 1980s, when various academics suggested that the best way to deter ‘crime in the suites’ was to foster a culture within companies of acting ethically and responsibly”). Excessive corporate risk-taking, however, is not (and should not necessarily be) illegal. 104See supra text accompanying note 39; cf. infra notes 132–34 and accompanying text (observing that economic harm is not always caused by wrongdoers). Furthermore, until this Article, excessive systemic corporate risk-taking had not even been clearly defined.

It therefore remains uncertain whether firm-level liability, even in the form of DPAs, is a sufficient deterrent to control and internalize the costs of excessive corporate risk-taking. As explained below, however, whether or not DPAs and other forms of firm-level liability are a sufficient deterrent, they are not an efficient deterrent.

B. Is Firm-Level Liability an Efficient Deterrent?

Firm-level liability is generally regarded as inefficient because it imposes significant externalities: the punishment goes beyond those who are responsible, impacting third parties. I have already mentioned the prosecution of Arthur Andersen, which caused tens of thousands of employees to lose their jobs. 105See supra note 69 and accompanying text. Firm-level liability that causes a firm to fail would harm not only employees: it would hurt shareholders and creditors, and it might impact the health of entire industries and global markets. 106See supra notes 69–71 and accompanying text. Even if the firm does not fail and employees retain their jobs, firm-level liability (such as a fine) will be detrimental to people who were not necessarily culpable, such as stockholders and creditors, who will suffer a loss in the value of their securities. 107John C. Coffee, Jr., “No Soul to Damn: No Body to Kick”: An Unscandalized Inquiry into the Problem of Corporate Punishment, 79 Mich. L. Rev. 386, 401 (1981).

Some argue that imposing firm-level liability in the form of DPAs could avoid that harm, while still being an effective deterrent. 108See, e.g., Kaal & Lacine, supra note 96, at 63–64. Indeed, the “avoidance of collateral consequences is the most commonly cited reason for the use of” DPAs. 109Id. at 69. If a firm complies with a DPA, it should be able to avoid having to actually pay a fine. As indicated, however, the reality is that not all firms comply with their DPAs. 110See supra notes 101–02 and accompanying text (observing that some firms continue to engage in actions prohibited by DPAs); see also Court E. Golumbic & Albert D. Lichy, The “Too Big to Jail” Effect and the Impact on the Justice Department’s Corporate Charging Policy, 65 Hastings L.J. 1293, 1312 n.126 (2013) (citing Elkan Abramowitz & Barry A. Bohrer, The Debate About Deferred and Non-Prosecution Agreements, 248 N.Y. L.J., Nov. 6, 2012, at 3 (“DPAs . . . allow[] corporate criminals to receive no more than a slap on the wrist and make the decision to police criminal activity within a corporation ‘just another dollars-and-cents decision.’” (alteration in original))).

There also is a risk that the very fact that DPAs are becoming a standard first step in enforcement will inadvertently undermine compliance. A firm that anticipates merely becoming subject to a DPA rather than being prosecuted or fined will have a reduced incentive to comply in the first instance. DPAs, in other words, might actually create moral hazard by protecting firms against the adverse consequences of their own actions. 111A partial solution to reduce this moral hazard might be for prosecutors to utilize constructive ambiguity, sometimes offering firms DPAs and sometimes prosecuting or fining them. The use of constructive ambiguity prior to the financial crisis to try to reduce moral hazard suggests, however, that it can be ineffective. Once the Federal Reserve bailed out Bear Stearns, everyone expected it to bail out Lehman Brothers. U.S. Fin. Crisis Inquiry Comm’n, supra note 3, at 482–83. Moreover, the shock caused by the Fed’s failure to bail out Lehman Brothers was the final straw that triggered the collapse that led to the financial crisis. See id. (explaining that market participants did not expect the Federal Reserve to fail to rescue Lehman after Bear’s bailout and, thus, the resulting economic uncertainty caused the banks to hoard cash and stop all lending to other banks).

In short, although DPAs could be a helpful way to impose firm-level liability, more should be done to impose personal liability in order to control and internalize the costs of excessive corporate risk-taking. Next, Part III of this Article will discuss what more could be done to achieve that.

III. What More Could Be Done?

This Part examines possible proposals to impose personal liability to control and internalize the costs of excessive corporate risk-taking, without undermining economic progress. The proposals are designed to respond to, among other things, the impediments discussed in Part I of this Article. 112See supra Part I (discussing the changes impeding the imposition of personal liability). They do not purport to respond, however, to the impediment that the shrinking of prosecutorial resources is tightening risk-reward assessment; 113See supra Part I.C.2. increasing those resources would inherently be a political decision. 114There might be legal ways, however, to try to increase the effectiveness of those resources, such as by outsourcing prosecutions to expert trial lawyers. Cf. Steven L. Schwarcz, To Make or to Buy: In-House Lawyering and Value Creation, 33 J. Corp. L. 497 (2008) (examining the comparative efficiency of using in-house lawyers or hiring outside counsel).

To help ensure that the proposals do not inadvertently undermine economic progress, 115Cf. Manuel Sánchez, Financial Innovation and the Global Crisis, 5 Int’l J. Bus. & Mgmt., Nov. 2010, at 26, 31 (arguing that in order to reduce the possibility of future financial instability, “regulation and supervision should help align the incentives of market participants towards prudent risk taking,” which can be accomplished without impeding financial innovation). each proposal is subjected to a policy-level cost–benefit analysis. 116A “cost–benefit analysis,” which in economic terms parallels a Kaldor–Hicks efficiency analysis, generally seeks to provide guidance on the formation of policy by comparing the policy’s benefits and costs. Lewis A. Kornhauser, On Justifying Cost-Benefit Analysis, 29 J. Legal Stud. 1037, 1037–39 (2000). Its main justification is pragmatic, in that it “often seems to improve the quality of decisions.” Richard A. Posner, Cost-Benefit Analysis: Definition, Justification, and Comment on Conference Papers, 29 J. Legal Stud. 1153, 1159 (2000) (quoting Kornhauser, supra, at 1038). It also can promote efficiency; see, e.g., Robert B. Ahdieh, Reanalyzing Cost-Benefit Analysis: Toward a Framework of Function(s) and Form(s), 88 N.Y.U. L. Rev. 1983, 2010 (2013) (arguing that cost–benefit analysis promotes efficiency by helping to achieve better outcomes, reduce cognitive biases, and more effectively set priorities). Cost–benefit analysis is always inherently imperfect, however, being influenced by subjectivity in choosing and quantifying the costs and the benefits. 117See, e.g., John C. Coates IV, Cost-Benefit Analysis of Financial Regulation: Case Studies and Implications, 124 Yale. L.J. 882, 968 (2015). Coates examines how cost–benefit analysis would work in practice if applied to financial regulation. To that end, he engages in case studies of six financial rules. He finds that quantified cost–benefit analysis of those rules can be no more than “guesstimated.” Id. at 1011. In assessing the proposals, these imperfections include not only uncertainty over the extent that risk-taking by financial firms can be beneficial to the real economy 118Some have argued, at least informally, that financial innovations are inherently less valuable than technological innovations. But cf. Kathryn Judge, Fee Effects, 98 Iowa L. Rev. 1517, 1533, 1568 (2013) (“The primary function of the capital markets is to allocate scarce resources among different projects, ideally based upon the expected returns of each.”); Sánchez, supra note 115, at 26–28 (arguing that, as long as excessive risk-taking is discouraged, financial innovation can directly improve economic well-being, benefit societies, increase material well-being, allocate financial resources to their most productive uses, lower the cost of capital, and benefit households and corporations); Ben S. Bernanke, Chairman, Fed. Reserve Sys., Address at the Federal Reserve System’s Sixth Biennial Community Affairs Research Conference: Financial Innovation and Consumer Protection (Apr. 17, 2009), (arguing that “financial innovation has improved access to credit, reduced costs, and increased choice” in the financial markets, as illustrated by the development of the secondary mortgage market—which has given “mortgage lenders greater access to the capital markets, lower[ed] transaction costs, and spread[] risk more broadly”—and the innovation of credit cards, which has improved communications, management of data, and credit scoring). but also, more significantly, the fact that the failure of systemically important firms could have massive but somewhat unquantifiable harmful consequences to the real economy. 119 E.g., supra note 17 and accompanying text (describing the financial crisis as an “economic assault that cost millions of Americans their jobs and homes, while wiping out investors, good businesses, and markets”); cf. Thomas M. Hoenig, Vice Chairman, Fed. Deposit Ins. Corp., Speech Before the Institute of International and European Affairs: Global Banking: A Failure of Structural Integrity (Dec. 13, 2013) (observing that the concentration and complexity of banking institutions have left the U.S. economy increasingly vulnerable to industry mistakes, with the eight largest U.S. global systemically important banking firms collectively holding $15 trillion in assets or the equivalent of 90% of GDP). In contrast, the failure of ordinary firms principally impacts only their shareholders and creditors.

This Article’s cost–benefit analysis will therefore focus more on inequalities than equations—not yielding precise numbers but merely attempting to determine the likely relative balance of costs and benefits. Furthermore, because the failure of systemically important firms could have massively harmful consequences, the analysis considers the possibility of taking into account a precautionary principle. Precautionary principles generally direct “regulators to err on the side of regulating an activity when the outcome of that activity is uncertain, but potentially irreversible and catastrophic.” 120Hilary J. Allen, A New Philosophy for Financial Stability Regulation, 45 Loy. U. Chi. L.J. 173, 191 (2013). Although precautionary principles have been mostly applied in assessing environmental regulation, 121See James Salzman & Barton H. Thompson, Jr., Environmental Law and Policy 16 (2d ed. 2007). they also could have application to financial regulation where, as in the case of this Article, there are potentially systemic consequences. 122Allen, supra note 120, at 191–92; see also Saule T. Omarova, License to Deal: Mandatory Approval of Complex Financial Products, 90 Wash. U. L. Rev. 63, 84 (2012) (“[A]dopting and operationalizing the general concept of precaution in the context of post-crisis financial systemic risk regulation may be a worthwhile, and even necessary, exercise.”); Schwarcz, supra note 36, at 234–35 (applying a precautionary principle to cost–benefit balancing involving systemic risk).

In implementing a precautionary principle, it is helpful to understand the principle’s different forms. Under the weak form of the principle, the “lack of decisive evidence of harm should not be grounds for refusing to regulate.” 123Allen, supra note 120, at 195 (quoting Cass R. Sunstein, Beyond the Precautionary Principle, 151 U. Pa. L. Rev. 1003, 1012 (2003)). That, however, provides no real guidance on whether to regulate. The strong form of the precautionary principle suggests that the “potential for great harm justifies any regulatory intervention, and/or that the proponent of an activity must conclusively demonstrate that the activity is safe before it is allowed.” 124Id. at 195; see also Cass R. Sunstein, Beyond the Precautionary Principle, 151 U. Pa. L. Rev. 1003, 1014 (2003) (identifying a fourth form of the precautionary principle, under which “[r]egulation should include a margin of safety, limiting activities below the level at which adverse effects have not been found or predicted”). That, however, creates an insurmountable burden not only for the proponent but also potentially for regulators, who “would be stymied . . . because by blocking any new activity for failing to satisfy an impossibly high burden of proof, they would necessarily block the benefits of these new activities, and blocking the benefits of activities is an inadvertent harm that the regulators cannot endorse.” 125Allen, supra note 120, at 196 n.90. In this Article’s context, applying the strong form of the precautionary principle would make no sense because it would effectively prevent the risk-taking that is necessary for firms to innovate and create economic value. 126See supra notes 28–29 and accompanying text.

There is, however, a semi-strong form of the precautionary principle that is sometimes applied to “activities [that] can pose great harm.” 127Allen, supra note 120, at 195. Under that principle, “precautionary regulation should be employed that effectively shifts the burden to prove that the activity should be permitted to the proponent of that activity, rather than forcing the regulator to make the case for why regulation is necessary.” 128Id. This semi-strong form of the precautionary principle should be relevant to this Article’s analysis because the failure of systemically important firms could trigger a systemic collapse that could greatly harm the real economy. 129See supra note 119 and accompanying text (observing that the failure of systemically important firms could have massively harmful consequences to the real economy). This Article therefore takes into account that form of the precautionary principle—shifting the burden of proving that the risk-taking should be permitted onto the proponents of the risk-taking. Because of the potential for public harm, this Article additionally takes into account a variant on that form (also called a “fourth form”) of the precautionary principle, which requires a margin of safety. 130Compare infra text accompanying notes 173–74 (arguing for a “considerably outweigh” requirement to justify private benefit that causes public harm), with Sunstein, supra note 124, at 1014 (discussing a socalled fourth form of the precautionary principle, requiring a margin of safety).

Another question in the cost–benefit analysis is how to quantify the public’s desire for retribution for harm caused by excessive risk-taking. This Article quantifies that as zero—effectively choosing not to include it as a benefit. The desire for retribution is sometimes manufactured by politicians and the media, who often perceive that a significant economic harm is a “wrong” that must have been caused by a wrongdoer:

[W]hen significant harm results, the media often reacts by trying to identify wrongdoers who should be sent to jail . . . . Recent frustration with the Obama administration for not seeking indictments in the wake of the global financial crisis and subsequent banking failures suggests continued strong impulses for retribution. 131Schwarcz & Chang, supra note 64, at 788; cf. John C. Coffee, Jr., The Political Economy of DoddFrank: Why Financial Reform Tends to Be Frustrated and Systemic Risk Perpetuated, 97 Cornell L. Rev. 1019, 1020–21 (2012) (observing that the Sarbanes–Oxley Act of 2002 and the Dodd–Frank Act of 2010 “showed hints of the public’s desire for retribution”).

As explained, however, economic harm is not always caused by wrongdoers, and indeed most of the actions leading to the financial crisis were not illegal. 132See supra notes 21–22 and accompanying text (observing that such actions mostly represented excessive, but not illegal, corporate risk-taking resulting from poor decisions, bad judgment, and greed). Bankers involved with the structuring and implementation of CDO transactions, for example, were not necessarily wrongdoers because—notwithstanding the media frenzy about the evil nature of CDO transactions 133 See, e.g., Gretchen Morgenson & Louise Story, Banks Bundled Bad Debt, Bet Against It and Won, N.Y. Times: DealBook (Dec. 23, 2009), (“The creation and sale of synthetic C.D.O.’s helped make the financial crisis worse than it might otherwise have been, effectively multiplying losses by providing more securities to bet against.”); Yves Smith, On Goldman’s (and Now Morgan Stanley’s) Deceptive Synthetic CDO Practices (aka Screwing Their Customers), Naked Capitalism (Dec. 30, 2009), . —those transactions were not all bad and almost certainly were not illegal. 134See supra note 50. In other words, there may be a misperception that the government should be hunting big game, John C. Coffee, Jr., Address at the University of St. Thomas Law Review Symposium: Beyond Crises-Driven Regulation–Initiatives for Sustainable Financial Regulation (Apr. 11, 2014) (transcript on file with author), but, mixing metaphors, the “big game” may not have done anything illegal to justify their being hunted. Prosecutors sometimes viscerally respond to political and media pressures, 135Vikramaditya S. Khanna, Corporate Crime Legislation: A Political Economy Analysis, 82 Wash. U. L.Q. 95, 126–29 (2004). which can lead to abuses of government power and process. 136For example, the OTS’s regulatory action against Kaye Scholer in response to the Lincoln Saving & Loan Association crisis illustrates how a government entity may abuse retroactive law to alleviate political pressure imposed by the public and the media. See Steven L. Schwarcz, The Limits of Lawyering: Legal Opinions in Structured Finance, 84 Tex. L. Rev. 1, 40–41 (2005). Quantifying the public’s desire for retribution as zero mitigates the potential for these abuses.

Finally, in examining how to impose personal liability, this Article considers not only liability imposed by government directly, 137This Article argues, for example, that corporate governance law should be reformulated to include the impact of systemic harm on the public. Contrary to traditional corporate governance law, which uses privately enforced rights in the form of shareholder derivative suits to subject managers to personal liability for engaging in excessive risk-taking that harms shareholders, see supra notes 34–35 and accompanying text, shareholders would have no interest in imposing liability on managers of their firm for externalizing systemic harm onto the public. I therefore propose that the government have direct authority to impose personal liability on managers for engaging in excessive risk-taking that causes systemic harm. See infra Part III.A. but also liability imposed indirectly by law. 138For example, this Article argues for narrowing the limited liability protection of certain shareholding corporate managers, which would expose them to more of their firm’s liabilities and thereby reduce their incentive to cause the firm to take highly risky actions. See infra notes 231–41 and accompanying text. This flexible approach recognizes that optimal regulation should include the choice, depending on weighing their strengths and weaknesses in particular contexts, “between two methods of public control—the common law system of privately enforced rights and the administrative system of direct public control.” 139Richard A. Posner, Economic Analysis of Law § 13.1, at 383 (6th ed. 2003).

First, consider direct forms of imposing personal liability.

A. Imposing Corporate Governance Liability

As previously discussed, 140See supra notes 35–49 and accompanying text. corporate risk-taking can impact the public in addition to impacting investors. 141Cf. Richard Posner, Law, Pragmatism, and Democracy 73, 270 (2003) (arguing that legal reasoning may not exist as an independent concept and that consequences are what really matter). To the extent needed to avoid public harm, 142I am separately examining the extent to which the “public governance duty” discussed above should supplement, or substitute for, other ways of regulating control of excessive corporate risk-taking. See Steven L. Schwarcz, Misalignment: Corporate Risk-Taking and Public Duty (Duke Law Sch. Pub. Law & Legal Theory Series No. 2015-40, 2015), . The discussion in Part III.A assumes that such a duty should at least supplement those other ways of regulating control. a firm’s managers should be required to run the firm as agents not only for the investors but also for the public. 143Cf. Miller, supra note 30, at 117–18 (observing that, in order to internalize systemic externalities, “it can be entirely proper—indeed economically efficient—for government to regulate . . . activities [causing such externalities], perhaps even to prohibit them”). To that extent, managers should not only have a private corporate governance duty to investors but also a public corporate governance duty to society (public governance duty) not to engage in excessive risk-taking. Managers who breach this public governance duty should then be—just as managers who breach their private governance duty to investors already are 144Cf. supra notes 34–35 and accompanying text (discussing shareholder derivative suits). —subject to personal liability for breach of their principal-agent relationship: it “makes sense to penalize [managers] for causing their firms to engage in” risk-taking that would benefit the firm’s investors but harm the greater society. 145Miller, supra note 30, at 119. This Article does not analyze whether any such government regulation should be federal or state. In the United States, corporate governance has been traditionally regulated by states. CTS Corp. v. Dynamics Corp., 481 U.S. 69, 88–89 (1987) (“No principle of corporation law and practice is more firmly established than a State’s authority to regulate domestic corporations.”); Burks v. Lasker, 441 U.S. 471, 478 (1979) (stating that the “first place one must look to determine the powers of corporate directors is in the relevant state’s corporation law”); Cort v. Ash, 422 U.S. 66, 84 (1975) (“Corporations are creatures of state law, and investors commit their funds to corporate directors on the understanding that, except where federal law expressly requires certain responsibilities of directors with respect to stockholders, state law will govern the internal affairs of the corporation.”). Nonetheless, the Sarbanes–Oxley and Dodd–Frank Acts set precedents for “the federal government [to] step in if regulators believe that state law is lacking in its regulation of corporate governance.” Hurt, supra note 22, at 289. Federal regulation might be needed, for example, to overcome a collective action problem that individual state regulation could drive firms to organize or reorganize in other states. Cf. Schwarcz, supra note 59, at 6 (discussing a flight-of-capital argument under corporation law that is stricter in some states than other states). This Article also does not analyze how directors and officers (D&O) liability insurance, which indemnifies managers against personal liability, might compromise the deterrent effect of imposing personal liability. Any regulatory framework for imposing such liability should take into account how that insurance coverage should be written to optimally balance managerial and public protection.

This reformulation of corporate governance law raises several practical questions about how a firm’s managers should perform their public governance duty: (1) How should managers assess the potential impact on the public of corporate risk-taking? (2) How should managers balance public costs and private benefits when deciding whether the firm should engage in a given risk-taking activity? and (3) Who should actually sue to impose personal liability on managers who breach their public governance duty by engaging their firms in excessive risk-taking? Crucially, the answer to question (2) will implicitly drive what excessive corporate risk-taking should mean: risk-taking that exceeds that balance. 146Cf. supra notes 30–31 and accompanying text (observing that, traditionally, “excessive” risk-taking was implicitly defined by its potential impact on the firm’s investors).

Consider these questions in turn.

1. How Should Managers Assess the Potential Impact on the Public of Corporate Risk-Taking?

As with any other type of corporate action, it is difficult, ex ante, to precisely predict ex post consequences. That difficulty would likely be even greater when predicting consequences to the public, not merely to the firm and its investors.

In the traditional corporate governance context, managerial decisions—including risk-taking decisions 1472 Treatise on the Law of Corporations § 10:5, Westlaw (database updated December 2014) (arguing that a board may be compelled to make a decision without having all the relevant facts, but the business judgment rule should protect the board from liability for this risky decision); cf. Miller, supra note 30, at 48, 103–09 (arguing that corporate risk-taking decisions “are always business decisions”). —are protected to some extent by the business judgment rule, which presumes that managers should not be personally liable for harm caused by negligent decisions made in good faith and without conflicts of interest—and in some articulations of the business judgment rule, also without gross negligence. 148See, e.g., Aronson v. Lewis, 473 A.2d 805, 812 (Del. 1984); Hurt, supra note 22, at 258. Although the precise formulation of the business judgment rule depends on the relevant jurisdiction applying it, the formulation in the text above is widely accepted. 3A William Meade Fletcher, Fletcher Cyclopedia of the Law of Corporations § 1036 (Supp. 2014–2015); cf. Stephen M. Bainbridge, Corporate Law 96 (2d ed. 2009) (observing that “the one thing about the business judgment rule on which everyone agrees is that it insulates directors from liability for negligence”). On its face, at least, the business judgment rule should apply to managers trying to predict consequences of corporate risk-taking to the public. 149Cf. Miller, supra note 30, at 109 (arguing that “[i]f there are cogent reasons for having a business judgment rule, those reasons should foreclose any substantive review by courts of a firm’s risk-management practices”). Although Professor Miller references “risk-management” decisions, not risk-taking decisions, he does not appear to intend to draw a distinction. Id. But, given those public consequences, should the business judgment rule be modified to make it easier to impose personal liability for excessive risk-taking that causes systemic harm? 150That would also respond, at least indirectly, to the impediment that prosecutorial risk-reward assessment is tightening under shrinking resources. See supra Part I.C.2.

In a traditional context (i.e., without regard to systemic risk), at least two scholars have considered and rejected arguments to weaken the business judgment rule for excessive risk-taking. Professor Hurt has rejected any such weakening of the rule as imprudent and, insofar as the exercise of managerial business judgment is inappropriate for court review, unmanageable. 151See Hurt, supra note 22, at 259–60. She also has said that it would be inconsistent with corporate law principles to impose personal liability for poor managerial judgment. 152Id. at 258–60. It should be up to shareholders, she has argued, to evaluate corporate risk through their investment decisions, not through litigation. 153Id. at 264–65. Professor Miller has adopted similar arguments in rejecting any such weakening of the business judgment rule. 154Miller, supra note 30, at 120–23 (looking at financial models used by risk managers and noting that they incorporate business judgments in selection of historical data to predict the future in an effort to smooth returns, which should be a business decision and not reviewable by the courts).

To the extent those arguments assume that shareholders evaluate risk through their investment decisions, the arguments are irrelevant to the question of imposing personal liability for excessive risk-taking that causes public harm. As discussed, a firm’s shareholders would have no incentive—and thus are highly unlikely no matter what the liability standard—to sue managers for engaging in excessively systemically risky actions. 155See supra notes 41–43 and accompanying text. To the contrary, shareholders generally want their firms to take potentially profitable risks, regardless of the possible systemic impact. 156See supra notes 41–43 and accompanying text.

Nonetheless, the inappropriate-for-court-review part of those arguments should have merit no matter who, a shareholder or a government prosecutor, is attempting to impose personal liability. It generally would be impractical for a judge, who typically lacks business experience, to review business management decisions. Even if the decisions result in risk-taking that causes public harm, Professor Miller argues that judicial review might require the court not only to “exercis[e] business judgment, but also [to] exercis[e] it on a scale wide enough to encompass the entire risk-return profile of the company, and deep enough to reach virtually every investment or trade the company makes.” 157Miller, supra note 30, at 109. Although beyond the scope of this Article, policymakers might consider whether certain categories of corporate risk-taking actions are so systemically risky that they should be prohibited outright.

For two reasons, however, I believe that the public interest requires some weakening of the business judgment rule. Members of the public, unlike shareholders, cannot mitigate their harm by voting to replace managers or selling stock. Even more significantly, public harm breaches one of the basic assumptions of the business judgment rule’s application—that there be no conflict of interest. 158See supra notes 147–48 and accompanying text. The interest of a manager who holds significant shares or interests in shares, 159This could include stock options, for example. or whose compensation or retention is dependent on share price, is aligned with the interest of the firm’s shareholders, not with that of the public. To that extent, the manager would have a conflict of interest. I recognize that courts applying the business judgment rule usually look for conflicts of interest between managers, on the one hand, and the firm and its shareholders, on the other hand. 160Rachael E. Schwartz, The Clawback Provision of Sarbanes-Oxley: An Underutilized Incentive to Keep the Corporate House Clean, 64 Bus. Law., Nov. 2008, at 31 n.202 (“Of course, deference, in the form of the business judgment rule, is given to management decisions in the absence of a conflict of interest between managers and shareholders.” (citing Aronson v. Lewis, 473 A.2d 805, 812 (Del. 1984))). Logically, however, if—as this Article argues—the managers should also have a duty to the public, then the notion of conflicts should be broadened to include conflicts between managers, on the one hand, and the public, on the other hand.

Managers who are conflicted in that way should not be given quite the same absolute deference that the business judgment rule gives non-conflicted managers. One response, for example, would be to remove that deference if conflicted managers are grossly negligent in assessing harm to the public. 161Any such gross negligence should be judged, of course, ex ante. See Joy v. North, 692 F.2d 880, 886 (2d Cir. 1982) (“[C]ourts recognize that after-the-fact litigation is a most imperfect device to evaluate corporate business decisions. . . . [A] reasoned decision at the time made may seem a wild hunch viewed years later against a background of perfect knowledge.”). That would technically not change the business judgment rule; it would merely apply the gross negligence standard that is articulated as part of that rule, 162See supra note 148 and accompanying text. though rarely utilized with any rigor. 163Although gross negligence is articulated as part of the business judgment rule, directors usually are not subjected to monetary damages for violating their duty of care, even when they are grossly negligent. See, e.g., Carter G. Bishop, Directorial Abdication and the Taxonomic Role of Good Faith in Delaware Corporate Law, 2007 Mich. St. L. Rev. 905, 911; Jesse W. Markham, Jr., The Failure of Corporate Governance Standards and Antitrust Compliance, 58 S.D. L. Rev. 499, 502 (2013) (observing that although it is included in the duty of care, gross negligence “has almost no place in the life of a board member of a public company because every state of the Union has enacted so-called ‘exculpation’ enabling laws that permit corporations to excuse their boards of any duty of care”).

Under that standard, the failure to use even slight care could justify imposing liability. 164See, e.g., Smith v. Van Gorkom, 488 A.2d 858, 893 (Del. 1985) (finding that the board of directors failed to exercise due care in evaluating and recommending a merger for shareholder approval), overruled on other grounds by Gantler v. Stephens, 965 A.2d 695 (Del. 2009). Thus, a “pure heart and empty head” assessment of potential systemic consequences of corporate risk-taking would be insufficient to merit a business-judgment-rule defense. Because courts routinely review whether other types of actions are grossly negligent, 165See, e.g., John Schwartz, Judge’s Ruling on Gulf Oil Spill Lowers Ceiling on the Fine BP Is Facing, N.Y. Times (Jan. 15, 2015), (observing that Judge Carl J. Barbier of the Federal District Court in New Orleans found BP grossly negligent in causing the 2010 Gulf of Mexico oil spill). they should not find it “inappropriate” 166See supra note 151 and accompanying text. or “impractical” 167Cf. supra note 157 and accompanying text (raising the objection that penalizing managers for poor judgment would be inappropriate and impractical for court review). to review corporate risk-taking actions under that standard. Moreover, as a practical matter, managers who follow a reasonable procedure to balance public costs and private benefits—perhaps one akin to the procedure next discussed—should be protected. That would effectively conform the business judgment rule’s application to a duty of process care, the standard commonly used in the United States. 168Schwarcz, supra note 142, at 47.

2. How Should Managers Balance Public Costs and Private Benefits When Deciding Whether the Firm Should Engage in a Given Risk-Taking Activity?

I have considered a somewhat parallel question in the context of examining how managers of a firm in the “vicinity of insolvency”—who then run the firm as agents not only for the shareholders but also for the creditors—should balance their ex ante assessment of costs to creditors and benefits to shareholders when deciding whether the firm should engage in a given risk taking activity. 169Schwarcz, supra note 31, at 673–77. In that context, I argued that no algorithm can dictate the balance because “balancing benefit to shareholders with harm to creditors is like balancing ‘apples and oranges’—they are not comparable commodities.” 170Id. at 675.

In order to “more directly address th[is] non-comparable nature,” managers should have “latitude to make their own good faith weighing of benefit and harm, recognizing that harm to creditors may well be more significant [in the insolvency context] than benefit to shareholders.” 171Id. at 675. To that end, I proposed that “where non-comparable commodities of benefit and harm to different parties are being weighed, the benefit may have to considerably outweigh the harm, or at least provide a compelling case, to be justified.” 172Id. at 676–77.

The same type of approach could be applied to corporate risk-taking that could, because it entails systemic risk, harm the public. Indeed, the “considerably outweigh” requirement implicitly adopts what Professor Cass Sunstein calls a “fourth form” of the precautionary principle to protect the public. 173Cf. supra notes 120–22 and accompanying text (discussing the application of a precautionary principle to this Article’s cost–benefit analysis). It does not merely shift to the firm’s managers the burden to prove that the risk-taking activity should be permitted; it also increases the burden by adding a safety margin. 174See supra note 124.

Excessive corporate risk-taking therefore should mean, from the standpoint of systemic risk, risk-taking for which the private benefits to investors are not expected to considerably outweigh any systemic costs to the public. 175For expected value examples of that weighing of costs and benefits, see Schwarcz, supra note 142. Managers who engage systemically important firms in such risk-taking would have violated their public governance duty and thus should be subject to personal liability. Such managers nonetheless should be protected by the business judgment rule if they acted in good faith and without gross negligence but, nonetheless, incorrectly assessed the potential harm of the risk-taking to the public or the balancing of that harm with the expected benefit of the risk taking to investors.

One may ask why a normative analysis should ever weigh costs and benefits to different parties—in our case, a firm’s investors and the public. At least one answer is that public policymaking routinely relies on the Kaldor–Hicks concept of efficiency, under which a public project is regarded as efficient if its overall benefits exceed its overall costs regardless of who bears the costs and who gets the benefits. 176Posner, supra note 139, § 1.2, at 13. I realize that this Article is making a normative claim based on a factual observation, but norms generally are, and should be, tethered to reality. Isaiah Berlin, Personal Impressions xxi (Henry Hardy ed., Princeton Univ. Press 2d ed. 2001) (1981); cf. Lucian A. Bebchuk, A New Approach to Corporate Reorganizations, 101 Harv. L. Rev. 775, 776–77 (1988) (grafting a normative analysis onto a positive assumption, in this case taking the existence of corporate reorganizations in bankruptcy law as a given to put forth a suggestion to improve the reorganization process). Admittedly, Kaldor–Hicks efficiency implicitly assumes that the distribution of benefits and costs is not controlled by the party—in our case, a firm’s managers—also controlling the decision whether to engage in the project. 177Robin Paul Malloy, Law in a Market Context 190–91 (2004). Kaldor–Hicks efficiency aims to maximize society’s aggregate utility. Id. Legal reasoning concerning non-voluntary or non-consensual transactions employs the Kaldor–Hicks test as a hypothetical efficiency standard in considering “what rules and institutional mechanisms might best advance social welfare.” Id. at 191. Additionally, when “a right is protected by a liability rule it is subject to a Kaldor–Hicks efficiency analysis and can be subject to a forced exchange if social utility can be enhanced.” Id. But those managers do not completely control the distribution of benefits; the public usually benefits, at least indirectly, from corporate risk-taking that benefits investors. 178See Frank H. Easterbrook & Daniel R. Fischel, The Economic Structure of Corporate Law 38 (1991); Amir N. Licht, The Maximands of Corporate Governance: A Theory of Values and Cognitive Style, 29 Del. J. Corp. L. 649, 651, 705–07 (citing Easterbrook & Fischel, supra, at 35–39). The traditional law and economics view of the shareholder-value-maximization rule as “efficient and workable” relies on the rule’s ability to take “advantage of the firm’s strength due to its tendency to maximize wealth in general.” Id. at 706. Under the shareholder-value-maximization rule, Judge Easterbrook and Professor Fischel believe that the firm can maximize wealth in general for two primary reasons. First, the managers work in the interests of the shareholders alone (without regard for the benefit or harm to the public), which keeps agency costs lower, thus allowing social wealth to rise. Second, the focus on maximizing the firm’s residual value helps the other “constituencies” automatically: “In a market economy each party to a transaction is better off.” Id.; see also Mark J. Roe, The Shareholder Wealth Maximization Norm and Industrial Organization, 149 U. Pa. L. Rev. 2063, 2065 (2001) (explaining that under the utilitarian approach, the shareholder-value-maximization rule increases overall fairness and wealth because it provides managers with an easy-to-follow metric that views the shareholders as the firm’s residual beneficiaries, and it benefits employees and other stakeholders through producing fluid and efficient capital markets while still giving them the option to contract with the corporation for what they want). Moreover, the “considerably outweigh” requirement provides a margin of safety to protect the public. See supra notes 173–74 and accompanying text.

3. Who Should Actually Sue to Impose Personal Liability on Managers Who Breach Their Public Governance Duty?

If, as this Article has argued, managers should be subject to liability for breaching their public governance duty by engaging in excessive systemic risk taking, how should that liability be imposed? Under existing corporate governance law, shareholder derivative suits are the primary means to impose liability on managers. Shareholders would have no interest, however, in imposing liability on managers of their firm for externalizing systemic harm. 179And because any such harm would not be to the firm, any lawsuit by shareholders would not even be a “derivative” suit. Therefore, the government, by default, at least should have the right to impose that liability. 180The government might also consider experimenting with DPAs as a means to refocus corporate governance towards this Article’s public governance duty. Cf. Kaal & Lacine, supra note 96, at 55 (“DPA-related business changes, board changes, and cooperation requirements could over time have a substantive impact on corporate governance.”). That assumes, however, that DPAs are used in the future to try to deter excessive risk-taking that is not illegal; heretofore, they have been used only to deter crime and other illegal actions. See supra note 103 and accompanying text.

Another option is the use of private lawsuits, where citizens sue on behalf of the government in order to remedy a public harm. As Professor David Engstrom notes, “One of the most significant developments in the American regulatory state in recent decades is a marked shift away from administrative regulation and enforcement and toward the use of private lawsuits to regulate social and economic behavior.” 181David Freeman Engstrom, Private Enforcement Pathways: Lessons from Qui Tam Litigation, 114 Colum. L. Rev. 1913, 1919 (2014). Within the context of this Article, private lawsuits would seek to impose personal liability on managers for engaging in excessive systemic risk-taking. The qui tam provisions of the False Claims Act (FCA) 18231 U.S.C. §§ 3729–3733 (2012). provide a helpful precedent for how these private lawsuits might work.

The FCA creates liability for any person who defrauds the U.S. government. 183Engstrom, supra note 181, at 1943. Although the Department of Justice can initiate the action, 184Id. at 1944. “most [of the] FCA enforcement efforts are initiated as private lawsuits brought pursuant to the FCA’s qui tam provisions.” 185Id. (italics added). These provisions authorize private citizens to sue alleged defrauders in the name of the United States. 186Id. If the suit is successful or settled, the citizen-plaintiff is entitled to thirty percent of the award or settlement, plus costs and attorneys’ fees. 187Id. (citing 31 U.S.C. § 3730(b)–(d)); see also Richard A. Bales, A Constitutional Defense of Qui Tam, 2001 Wis. L. Rev. 381, 381–85; cf. Heidi Mandanis Schooner, Private Enforcement of Systemic Risk Regulation, 43 Creighton L. Rev. 993 (2010) (arguing that the qui tam litigation model could be used to help enforce regulations meant to reduce systemic risk). Although D&O liability insurance will be needed to incentivize good managers and also to help ensure that sufficient funds are available to properly incentivize private-action lawsuits, see supra note 145, such insurance can undermine incentives. Managers protected by D&O insurance would be more willing to engage in morally hazardous behavior. Richard MacMinn, Yayuan Ren & Li-Ming Han, Directors, Directors and Officers Insurance, and Corporate Governance, 35 J. Ins. Issues 159, 165 (2012) (observing that “[t]he major criticism of corporate purchase of D&O insurance is that it creates moral hazard problems for” the managers covered by such insurance). A possible solution might be to increase the size of the deductible for actions that result in systemic harm.

Even though the citizen-plaintiff “suffers no injury” and thus would appear to “lack the ‘injury in fact’ required to create Article III standing” under the U.S. Constitution, 188Bales, supra note 187, at 384 (quoting Lujan v. Defenders of Wildlife, 504 U.S. 555 (1992)). the Supreme Court has found standing through a somewhat circular argument: the Act’s partial assignment of the government’s claim to the citizen-plaintiff provides a sufficient stake in the outcome to create Article III standing. 189Id. (citing Vt. Agency of Nat. Res. v. United States ex rel. Stevens, 529 U.S. 765, 777–78 (2000)). That same argument could justify standing in this Article’s context. Indeed, citizen-plaintiffs would have an additional standing claim: as members of the public, they would be directly harmed by a systemically important firm’s collapse. 190That additional standing claim might be subject to a “prudential” limitation to standing—that a citizenplaintiff’s injury should not be merely “a ‘generalized grievance’ shared in equal measure by all or a large class of citizens.” Id. at 397 (citing Warth v. Seldin, 422 U.S. 490, 499 (1975)). But Congress may, by statute, waive that prudential limitation. Warth, 422 U.S. at 501; see also Bales, supra note 187, at 398.

B. Clawing Back Compensation

This approach to imposing personal liability would respond to the impediment that decision-making is becoming more decentralized. 191See supra Part I.A.2. By effectively privatizing enforcement, this approach to imposing personal liability would also respond, at least indirectly, to the impediment that the shrinking of resources is tightening prosecutorial risk–reward assessment. See supra Part I.C.2. If firms themselves set how managerial compensation should be clawed back, that would enlist the firm to help allocate losses to individual managers, notwithstanding decentralized decision-making. This approach should help to more rationally balance risk-taking, as described in the cost–benefit analysis below.

First consider how clawing back compensation could work. Professor Coffee has proposed a remedy of “mandatory clawbacks,” requiring incentive compensation (e.g., bonuses) to be forfeited by “Senior Financial Executives” for periods in which the SEC finds “substantial noncompliance with securities laws—without regard to individual fault.” 192See Sarbanes–Oxley Act of 2002 § 304, 15 U.S.C. § 7243 (2012) (authorizing the SEC to enforce the recovery of bonuses paid to CEOs and CFOs of public companies when the company issues financial restatements due to material noncompliance “with any financial reporting requirement under the securities laws” resulting from misconduct); Dodd-Frank Wall Street Reform & Consumer Protection Act, Pub. L. No. 111-203, § 954, 124 Stat. 1376, 1382 (2010) (codified at 15 U.S.C. § 78j-4) (improving Sarbanes–Oxley Act of 2002, Section 304 by designating a firm’s board of directors, rather than the SEC, as the enforcer of clawbacks and removing a misconduct prerequisite for clawbacks); Jesse D. Gossett, Financial Institution Executive Compensation: The Problem of Financially Motivated Excess Risk-Taking, the Regulatory Response, and Common Sense Solutions, 14 U.C. Davis Bus. L.J. 51, 63 (2013) (“Despite these subtle differences, the intent of both laws is the same: To hold those in charge of a publicly traded corporation responsible when they profit from inaccurate or fraudulent financial reporting. As will be shown, this will do nothing to actually reduce the level of systemic risk at financial institutions which means this provision will be largely ineffective at holding off the next financial crisis.”). I have more broadly proposed requiring compensation clawbacks for secondary managers of financial firms who act in conflict with their firms’ long-term interests. 193See Steven L. Schwarcz, Conflicts and Financial Collapse: The Problem of Secondary-Management Agency Costs, 26 Yale J. on Reg. 457, 465–66 (2009). At least one major investment bank, Morgan Stanley, has effectively implemented both proposals by providing, for all of its bonus-eligible employees, that cash bonuses are “subject to a clawback provision that could be triggered if the individual engages in conduct detrimental to the Firm.” 194Miriam A. Cherry & Jarrod Wong, Clawbacks: Prospective Contract Measures in an Era of Excessive Executive Compensation and Ponzi Schemes, 94 Minn. L. Rev. 368, 389 (2009) (quoting Morgan Stanley Executives Forgo Bonuses, as Program Is Changed, N.Y. Times: DealBook (Dec. 8, 2008, 3:31 PM), http://dealbook.nytimes.com/2008/12/08/morgan-stanley-executives-forego-bonuses-as-program-is-changed. And DPAs themselves—even though primarily firm-level remedies 195See supra notes 95–99 and accompanying text. —could require firms to agree to claw back compensation paid to employees who engage in specified prohibited conduct. 196Cf. Arlen, supra note 99, at 152–53 (observing that DPAs create “prosecutorial authority to engage in firm-specific regulation of corporate practices relating to deterring and investigating corporate crime”). Thus, DPAs could be used to require a firm to identify and, by reducing their compensation or firing them, to punish such wrongdoing individuals.

From a cost–benefit standpoint, clawing back compensation could create significant benefits by aligning the economic incentives of firms, their managers, and society. 197Cf. Lucian A. Bebchuk & Holger Spamann, Regulating Bankers’ Pay, 98 Geo. L.J. 247 (2010) (arguing that bank compensation structures have provided executives with the incentive to take excessive risks). If a firm fails or performs poorly, its managers could be forced to repay a portion of their compensation. Penalizing unsuccessful risk-taking in this way would motivate managers to run their firms more prudently. That, in turn, would help to minimize failures of firms; and if the clawback is applied to systemically important firms, 198Cf. infra note 199 and accompanying text (proposing regulation mandating that all systemically important firms adopt clawback managerial compensation). it would help to reduce systemic risk. The benefits therefore could be significant.

And the costs are likely to be small. Even though clawing back compensation could reduce risk-taking, that should not undermine economic progress. Competitive pressures should still motivate managers to engage in the risk-taking needed to keep their firms profitable. A potential real cost could result, however, from a collective action problem: firms that institute clawback compensation schemes could find themselves at a competitive disadvantage in hiring good managers. That problem could be solved, and that cost could thereby be mitigated, by regulation mandating that all systemically important firms adopt clawback managerial compensation. 199See, e.g., Schwarcz, supra note 193, at 468–69 (observing that government regulation may well be the best way to resolve the collective-action problem that deferred or contingent compensation schemes can competitively disadvantage firms individually implementing those schemes); cf. supra note 40 and accompanying text (discussing how the government is attempting to identify systemically important firms).

C. Imposing Ex Post Facto (Civil) Liability

This approach to imposing personal liability would respond to the impediment that the law increasingly lags financial innovation. 200See supra Part I.B.1. It thus addresses the dilemma that excessive risk-taking may violate norms but not law. 201See Schwarcz, supra note 136, at 36–42.

Although ex post facto criminal liability is unconstitutional in the United States, ex post facto civil liability is not. 202See Steven L. Schwarcz & Lucy Chang, The Custom-to-Failure Cycle, 62 Duke L.J. 767, 792 (2012), and sources cited therein. Implicitly, tort law already operates as a mechanism for imposing ex post facto civil liability to internalize externalities: “For example, in applying tort law’s ‘reasonably prudent person’ standard of care in negligence actions, a jury ‘determines what the expected level of conduct in the community should be.’” 203Id. (quoting John L. Diamond, Lawrence C. Levine & Anita Bernstein, Understanding Torts 47 (4th ed. 2010)). To that end, jurors “must draw on their own understanding of reasonable behavior, based on their experience of the world.” 204Id. at 793 (quoting Steven Hetcher, The Jury’s Out: Social Norms’ Misunderstood Role in Negligence Law, 91 Geo. L.J. 633, 654 (2003)). “Because the jury is effectively defining the community norm at the trial stage and not necessarily at the time of the alleged tort, civil liability is sometimes imposed based on ex post norms.” 205Id. at 793–94 (footnote omitted).

Imposing personal liability on an ex post facto basis could therefore be beneficial by reducing the time lag between norms and law. Nonetheless, its impact on economic progress could be very costly. Corporate managers could not know, at the time of their actions, whether engaging in a particular risk taking activity would later subject them to personal liability. Therefore, they would have a strong incentive to engage in low-risk activities, thereby potentially making their firms less innovative and competitive. 206See supra notes 28–29 and accompanying text. On balance, the benefits of imposing personal liability on an ex post facto basis do not appear to outweigh the costs.

D. Reassigning Corporate Responsibility

This approach to imposing personal liability would respond to the impediment that decision-making is becoming more decentralized. 207See supra Part I.A.2. In the context of risk-taking managers, this might be done in several ways. Former Attorney General Holder has suggested, for example, that managers should be specifically designated in advance to bear personal responsibility for their firm’s excessively risky activities. 208Remarks of Attorney General Eric Holder, supra note 18 (observing that this is “the same principle behind the Sarbanes-Oxley requirement that a designated company executive must sign its accounting forms and bear liability for misrepresentations”). There also has been discussion of making senior managers responsible for their subordinates’ actions under a “failure to supervise” theory. 209See Todd S. Fishman & Brian de Haan, Lessons from the Credit Crisis: A Subtle Shift in the Long Reach for Top Executives, 17 Wallstreetlawyer.com: Sec. Electronic Age, Dec. 2013, at 9. That would have an analogous precedent as the Food, Drug, and Cosmetic Act’s “responsible corporate officer doctrine,” under which supervisory managers could be held liable for illegal activities that they were in a position to prevent. 210Remarks of Attorney General Eric Holder, supra note 18. The Responsible Corporate Officer (RCO) doctrinedoes not require the government to pierce the corporate veil or show that the officer personally perpetrated or otherwise participated in the wrongful act. If the government proves that the defendant was a corporate officer who failed to use his or her authority to assure that the corporation complied with laws and regulations, the government may hold the defendant individually responsible under the RCO doctrine as an alternative theory of liability.Noël Wise, Personal Liability Promotes Responsible Conduct: Extending the Responsible Corporate Officer Doctrine to Federal Civil Environmental Enforcement Cases, 21 Stan. Envtl. L.J. 283, 288 (2002). Similarly, the “failure to supervise” theory “merely requires a showing that the senior executive possesses the ‘power to control’ the violator and, if such control can be shown, mere negligence as to whether the violator was adequately supervised.” Fishman & de Haan, supra note 209. Thus, under these and similar theories of liability, there appears to be no requirement to show that the executive participated in the underlying act; all that is required is a showing that the person was a corporate officer (under the RCO doctrine) or possessed power to control (under the “failure to supervise” theory), and failed to assure that the corporation complied with the laws and regulations (under the RCO doctrine) or was negligent in the supervision of its subordinates (under the “failure to supervise” theory). In an even more radical approach, the United Kingdom’s Financial Conduct Authority and the Bank of England’s regulatory arm, the Prudential Regulation Authority, have proposed regulations that would reverse the burden of proof, requiring bankers of a failed bank to prove that they acted appropriately in order to avoid personal criminal liability. 211Jill Treanor, Regulators Want Reckless Bankers to Be Criminally Liable Under New Plans, Guardian (July 30, 2014, 6:44 AM), .

From a cost–benefit standpoint, the benefits of reassigning corporate responsibility should be significant. The increasingly decentralized nature of decision-making at firms makes it difficult to impose personal liability, 212See supra note 52 and accompanying text; cf. Anne Tucker Nees, Who’s the Boss? Unmasking Oversight Liability Within the Corporate Power Puzzle, 35 Del. J. Corp. L. 199, 200–01 (2010) (observing that following the financial crisis, many regulators and investors were left wondering the same question: who is in charge and who is to blame?). which gives little incentive for risk-taking managers to change their behavior. 213See supra note 12 and accompanying text. Yet excessive risk-taking has been identified as one of the primary causes of the financial crisis. 214See supra note 33 and accompanying text. Reassigning corporate responsibility would make it easier to impose personal liability for engaging in—which in turn would help to discourage—excessive risk-taking.

Reassigning corporate responsibility would have costs, however, limiting at least some of the benefits of decentralized decision-making. Recall that those benefits include encouraging motivation and creativity, allowing many minds to work simultaneously on the same problem, and accommodating flexibility and individualization. 215See supra notes 51–53 and accompanying text. Designating a manager to bear ultimate responsibility should certainly not prevent many minds from being able to work simultaneously on the same problem. Nor should it discourage employees from offering flexibility in ideas. In practice, however, it could—and indeed, depending on the methods and the penalty imposed, other forms of reassigning corporate responsibility would—motivate managers to be risk-averse, 216See, e.g., Daniel Kahneman & Dan Lovallo, Timid Choices and Bold Forecasts: A Cognitive Perspective on Risk Taking, in Choices, Values, and Frames 401 (Daniel Kahneman & Amos Tversky eds., 2000).Perhaps the most important cause of risk aversion is loss aversion, the discrepancy between the weights that are attached to losses and to gains in evaluating prospects. Loss aversion is not mitigated when decisions are made in an organizational context. On the contrary, the asymmetry between credit and blame may enhance the asymmetry between gains and losses in the decision maker’s utilities. The evidence indicates that the pressures of accountability and personal responsibility increase the status quo bias and other manifestations of loss aversion. Decision makers become more risk averse when they expect their choices to be reviewed by others and they are extremely reluctant to accept responsibility for even a small increase in the probability of a disaster.Id. (citations omitted). which in turn could undermine motivation and creativity. Furthermore, it might discourage the best people from wanting to be managers. 217Cf. Sean Farrell, HSBC Directors to Quit Over Threat to Jail Bosses for Banking Crises, Guardian (Oct. 7, 2014, 10:36 AM), (reporting that two HSBC directors threatened to quit in protest of proposed United Kingdom regulations subjecting bankers of a failed bank to criminal liability unless they could prove that they acted appropriately). For example, in protest of the proposed United Kingdom regulations, 218See supra note 211 and accompanying text. it was reported that two directors from HSBC’s United Kingdom branch threatened to quit. 219Farrell, supra note 217.

Reassigning corporate responsibility would thus have the benefit of helping to discourage excessive risk-taking, but, depending on how it works and the penalty imposed, could have the costs of undermining motivation and creativity and discouraging quality management. To minimize those costs, it is important that the reassignment and penalty be reasonable. 220In contrast, I view the proposed United Kingdom regulation, see supra note 211 and accompanying text, as unreasonable both in its reversal of the burden of proof, which comes close to imposing strict liability, and in its criminal penalty. One such approach might be regulation requiring systemically important firms to specifically designate one or more risk managers; to adopt both proactive and review-oriented protocols designed to identify and deter excessive risk-taking; and to set compensation based, among other things, on compliance with those protocols. This type of risk management is already common to deter excessive traditional risk-taking. 221See, e.g., Scott Baret et al., Deloitte, Developing an Effective Governance Operating Model: A Guide for Financial Services Boards and Management Teams 1 (2013), (observing that many boards have voluntarily appointed chief risk officers (CROs) in order to bolster the effectiveness of their companies’ governance). Foreign jurisdictions are also increasingly requiring the appointment of CROs. See Org. for Econ. Co-operation & Dev., Risk Management and Corporate Governance 17 (2014), . Its scope should be expanded to deter excessive risk taking that could have systemic consequences.

Although the benefits of that approach would appear to exceed its costs, any uncertainty could be resolved by applying the semi-strong form of the precautionary principle—that where a cost–benefit analysis of regulation yields an uncertain result, the presumption should be in favor of the regulation. 222See supra notes 123–28 and accompanying text. In this case, the presumption would be in favor of regulation reassigning corporate responsibility—again, assuming the reassignment and the penalty are reasonable.

Next, consider indirectly imposing liability by modifying legal protections that have impeded the ability of market participants themselves to control excessive risk-taking.

E. Narrowing Limited Liability

Narrowing limited liability for at least certain firm managers can limit conflicts that encourage excessive risk-taking. This approach to imposing personal liability would, directly or indirectly, respond to several of the impediments. It would directly respond by privatizing the imposition of liability, thereby avoiding prosecutorial costs. It would indirectly respond by better aligning the benefits and burdens of corporate risk-taking with the incentives of the firm’s managers. 223As will be shown, the managers that should be subjected to personal liability by narrowing limited liability are those who can directly profit by the corporate risk-taking. Infra notes 232–34 and accompanying text. Hence, Holder’s observation most directly applies, that if managers “enjoy all of the rewards of excessively-risky activity while bearing none of the responsibility,” it inevitably will lead to excessive risk-taking. Holder, supra note 18.

Corporate limited liability protects a firm’s equity investors from the firm’s liabilities, except for the capital invested. 224See, e.g., Model Bus. Corp. Act § 6.22(b) (1984); id. § 6.22 cmt. (“Section 6.22(b) sets forth the basic rule of non-liability of shareholders for corporate acts or debts that underlies modern corporation law.”). Historically, the legislative trend towards limited liability was heavily influenced by corporate lobbying. 225Schwarcz, supra note 59, at 8. In the United States, that trend was further “influenced . . . by fear of capital flight to other states.” 226Id. at 8. “The judicial progression towards limited liability also had a ‘fairness’ rationale: to protect innocent shareholders who are not in a ‘capacity to control’ or influence management decisions.” 227Id. at 9. And although limited liability can create moral hazard, leading to excessive corporate risk-taking that was seen as potentially harmful to investors, it also encourages equity-capital investment by addressing investor risk aversion. Empirically, scholars are uncertain how those factors should be balanced. 228Id. at 13.

That balance shifts radically, however, in the context of shadow banking. Shadow banking is a loose term that refers to the decentralized provision of financing outside of traditional banking channels, and thus without the need for traditional modes of bank intermediation between capital markets and the users of funds. 229See Fin. Stability Bd., Strengthening the Oversight and Regulation of Shadow Banking 1 (2012), (describing the shadow-banking system as “credit intermediation involving entities and activities outside the regular banking system”). Shadow banking is sometimes alternatively defined as the provision of financing by any type of financial intermediary that operates without access to central bank liquidity or public sector credit guarantees. Tobias Adrian & Adam B. Ashcraft, Fed. Res. Bank of N.Y., Shadow Banking Regulation 5 (2012). The shadow-banking system is immense, most recently estimated at $67 trillion worldwide. 230Fin. Stability Bd., Global Shadow Banking Monitoring Report 8 (Nov. 18, 2012), (estimating shadow banking’s worldwide assets in 2011); cf. Zoltan Pozsar et al., Fed. Res. Bank of N.Y., Shadow Banking 4–5 (2010), (arguing that shadow bank financing appears to dwarf traditional bank financing). Numerous types of firms make up the shadow banking system, including special purpose entities (SPEs) used in securitization and structured finance transactions to raise financing indirectly through the capital markets as well as finance companies, hedge funds, private equity firms, money-market mutual funds, non-bank government-sponsored enterprises, securities lenders, and investment banks. 231Schwarcz, supra note 59, at 2.

For at least two reasons, limited liability can be a uniquely fertile source of systemic externalities for shadow-banking firms. First, managers of shadow banking firms are likely to take greater risks than managers of other limited liability firms.

The relatively small firms, such as hedge funds, that operate in the shadow banking system are often managed directly by their primary investors. Because such investor-managers typically are entitled to a significant share of their firm’s profits, they have strong incentives to take [high] risks that could generate [outsized] profits. 232Id. at 18.

Yet if a risky action exposes their firm to significant liability for externalized harm, limited liability protects those investor-managers from losing more than their invested capital. “This is radically unlike the management incentives in non-shadow banking firms. . . . [in which] senior managers tend to share only indirectly in profits, such as through stock options.” 233Id. at 19. Furthermore, managers of non-shadow banking firms are often more invested in maintaining their jobs and thus less motivated to take actions that risk the firm. 234Id.

Even more significantly, the failure of a shadow-banking firm is more likely than that of a non-bank to have systemic consequences. Like traditional banks, shadow-banking firms engage in financial intermediation on which the real economy is dependent. “Because all financial intermediaries—including shadow-banking firms and traditional banks—tend to be highly interconnected, the failure of a shadow-banking firm could trigger the failures of other financial intermediaries.” 235Id. at 20. “Such a chain of failures would be the epitome of a systemic event, especially if it materially reduced the availability of financial intermediation.” 236Id. Additionally, shadow banking’s reliance on short-term funding of long-term projects not only increases the likelihood of a shadow banking firm’s failure but also can increase the systemic consequences of that failure. “Economists have identified the failure of shadow banking firms to roll over short-term debt as a contributing factor to the [recent] financial crisis.” 237Id. at 21.

A potential solution to this problem is to impose personal liability on investor-managers with the power to “control” shadow-banking firms by narrowing their limited liability protection—perhaps to double liability or some other multiple of their investment. 238Id. at 23 (proposing that such investor-managers be subjected to double liability—i.e., liability equal to twice their equity investment—for their firm’s obligations). From a cost–benefit standpoint, that would more closely align the benefits and burdens of risk-taking to those firms and managers. This solution would also indirectly respond to the impediment that systemic harm limits proof of causation. 239See supra Part I.B.2. By reducing the incentive for managers of shadow-banking firms to engage in actions that could cause their firms to fail, that narrowing of limited liability protection would reduce the systemic harm that could result from such failures.

The cost of this solution would likely be small. It would not be unfair to shareholders because it would only impact those in a capacity to control the firm. And, for two reasons, the solution should not unduly discourage equity capital investment. First, even if they are risk averse, 240They are more likely to be risk-prone. Schwarcz, supra note 59, at 18. owner managers with the power to control their firms could choose to govern to minimize their potential liability. Second, the liability of those owner managers should not be open-ended but, as discussed, limited to double-liability (or some other multiple of their investment). 241See supra note 238 and accompanying text (proposing a double liability limit).

Conclusions

This Article begins by asking why so few financial executives have been held responsible for the excessive risk-taking that was a principal cause of the 2008–2009 financial crisis and its associated banking failures. Part of the answer, it explains, is that impediments such as the complexity of financial innovation and the decentralization of managerial responsibilities are making it difficult for prosecutors, whose resources since 9/11 have been disproportionately allocated to terrorism-related cases, to win cases attempting to impose personal liability. Prosecutors instead have been taking the easier and less costly route of imposing firm-level liability. 242This route is easier and less costly for several reasons, including that firms are more likely to settle as a cost of doing business. See supra notes 10–11 and accompanying text.

But being managed by individuals, firms themselves are second-best targets of deterrence. This Article shows that firm-level liability may well be insufficient—and almost certainly will be inefficient—to deter excessive risk taking and prevent another financial crisis. Managers engaging in excessive corporate risk-taking should therefore also be subjected to personal liability. To accomplish that, the law needs to overcome another, and more fundamental, impediment: confusion and ambiguity over what excessive risk taking actually means.

Corporate governance law already covers, and subjects managers to personal liability for engaging in, certain types of excessive risk-taking. But it does not cover the type of risk-taking that led to the financial crisis and that is becoming ever more common—risk-taking that could have systemic consequences to the financial system. This Article analyzes how personal liability could be used to control that type of risk-taking without undermining economic progress.

Among other approaches, 243These other approaches include clawing back compensation and possibly reassigning corporate responsibility. See supra Parts III.B & III.D. this Article argues for a “public governance duty”—that corporate governance law should require managers to assess the impact of risk-taking on the public as well as on investors, and to balance the costs and benefits using a precautionary principle to protect the public. In contrast, corporate risk-taking has heretofore been assessed only by its potential impact on the firm’s investors, principally its risk-seeking shareholders, motivating firms to engage in transactions that were expected to be profitable even though their failure could increase systemic risk (since much of the harm from a resulting systemic collapse would be externalized).

This Article also analyzes the extent to which managers performing this public governance duty should be protected by the business judgment rule. Systemic harm resulting from excessive risk-taking can create a novel conflict of interest, between the public interest and the interests of managers with significant shareholdings or stock-price-related compensation. Because the business judgment rule itself does not unconditionally protect conflicted managers, this Article argues that those managers’ risk-taking decisions should be subject to a gross negligence standard, which is sometimes articulated as part of the business judgment rule (though rarely applied). Courts routinely review whether other types of actions are grossly negligent, so they should not find it inappropriate or impractical to review corporate risk-taking actions under that standard.

This Article also examines how managers who breach their public governance duty by engaging in excessive corporate risk-taking should be sued. Under traditional corporate governance law, shareholder derivative suits are the primary means to impose liability on managers. Investors would have no interest, however, in imposing liability on managers of their firm for externalizing systemic harm. Therefore, the government, by default, at least should have the right to impose that liability. This Article also explores private-action precedents that would incentivize citizens to sue to remedy public harm.

Finally, this Article analyzes less direct ways to impose personal liability in order to deter excessive systemic risk-taking. For example, by protecting a firm’s shareholders from the firm’s liabilities (except to the extent of invested capital), corporate limited liability fosters moral hazard, leading to excessive corporate risk-taking. In the past, corporate limited liability was justified because (by addressing shareholder risk aversion) it encourages equity-capital investment, and its potential for harm was thought to be limited to the firm’s investors.

The externalized systemic harm associated with the rise of shadow banking 244Recall that shadow banking refers to the decentralized provision of financing outside of traditional banking channels. See supra note 229 and accompanying text. shifts that balance radically, however. Because shadow-banking firms are often managed directly by their primary shareholders, who are entitled to a significant share of their firm’s profits but are protected under limited liability from losing more than their invested capital if the risk turns out poorly, those shareholder-managers have strong incentives to take high risks that could generate outsized profits. Moreover, the failure of a shadow-banking firm is likely to have systemic consequences: shadow banks not only engage in financial intermediation on which the real economy is dependent but also are highly interconnected with traditional banks. To help reduce these systemically risk-taking incentives, this Article proposes narrowing the limited liability protection 245This Article suggests narrowing that limited liability to double liability or some other multiple of the investment. See supra note 238 and accompanying text. of shareholder-managers who have the power to control their shadow-banking firms.

Footnotes

Copyright © 2015 by Steven L. Schwarcz. An earlier version of this Article was entitled Liability for Financial Failure: Corporate Risk-Taking and the Decline of Personal Blame.

Stanley A. Star Professor of Law & Business, Duke University School of Law; Founding Director, Duke Global Financial Markets Center; Senior Fellow, the Centre for International Governance Innovation. Email: schwarcz@law.duke.edu. For valuable comments, I thank Edward Balleisen, Samuel Buell, Andrew Coan, Lisa Kern Griffin, Wulf A. Kaal, Ted Kaufman, Charles Klingman, Robert T. Miller, Richard Painter, Karen West, and participants in a faculty workshop at The University of Arizona James E. Rogers College of Law and a conference at The George Washington University Law School (sponsored by its Center for Law, Economics, and Finance). I also thank Craig Warren Fitch, Eric Pacifici, and Joy Peng for invaluable research assistance. Additionally, I thank Karen West for helping to research certain post-financial crisis government investigatory and enforcement actions. Support is provided in part by a grant from the International Insolvency Institute Foundation.

1See, e.g., Interview by Frontline with Ted Kaufman, Del. Senator (Nov. 20, 2012), (expressing frustration and disappointment with his own political party that no prosecutions had gone forward).

2See, e.g., Sarah White, In Post-Lehman Clean-Up, Top Banker Prosecutions Stumble, Reuters (Sep. 13, 2013, 3:06 PM), (observing the frustration in the United Kingdom and in Spain stemming from the paucity of attempts to prosecute those in the “highest echelons of banking,” and also observing that “[f]rustrations over the slow progress of legal probes in Spain is even leading some activist groups to consider lobbying the United Nations to list economic crimes as a crime against humanity, even though they admit it is unlikely to happen”).

3Excessive risk-taking is widely regarded to have been a principal cause of the financial crisis. See, e.g., Fin. Crisis Inquiry Comm’n, The Financial Crisis Inquiry Report: Final Report of the National Commission on the Causes of the Financial and Economic Crisis in the United States xviii–xix (2011) (identifying excessive risk-taking as a primary cause of the financial crisis); Jacob J. Lew, Opinion, Let’s Leave Wall Street’s Risky Practices in the Past, Wash. Post (Jan. 9, 2015), (repeatedly attributing the financial crisis to “excessive risks taken by financial” firms); The Origins of the Financial Crisis: Crash Course, Economist (Sept. 7, 2013), (identifying excessive risk-taking as one of three causes of the financial crisis, the other causes being irresponsible lending and regulators being “asleep at the wheel”); see also infra notes 22–23 and accompanying text (observing that most of the actions leading to the financial crisis represented excessive corporate risk-taking). Although this Article uses the hyphenated term “risk-taking,” some sources may equivalently refer to “risktaking” or “risk taking.”

4In response to the 1980s savings-and-loan crisis, for example, special U.S. government task forces referred 1,100 cases to prosecutors, which resulted in more than 800 bank officials being jailed. Gretchen Morgenson & Louise Story, In Financial Crisis, No Prosecutions of Top Figures, N.Y. Times, Apr. 14, 2011, at A1, ; see also David Zaring, Litigating the Financial Crisis, 100 Va. L. Rev. 1405, 1411–13 (2014) (arguing that the lack of individual liability following the financial crisis has been quite surprising, especially when considering the last housing crisis where over one thousand financial executives were convicted of crimes and the dotcom collapse of 1999–2000 where a similar number were held accountable). Zaring further observes that “holding no executives responsible during this collapse in the housing market, while imprisoning hundreds of them during earlier downturns, smacks of arbitrariness, or, even worse, a different standard for Wall Street and Main Street financiers.” Id. at 1413.

5See, e.g., Colin Maher, Note, Crisis Not Averted: Lack of Criminal Prosecutions Leave Limited Consequences for Those Responsible for the Financial Crisis, 39 New Eng. J. on Crim. & Civ. Confinement 459, 462 (2013). Maher also discusses the Fraud Enforcement Recovery Act of 2009 (FERA), which was enacted in response to the financial crisis, in order to broaden federal fraud statutes to include mortgage lending businesses and brokers, wherever found, and to increase federal investigative and prosecutorial resources for mortgage fraud detection and prosecution. Id. at 464. No criminal prosecutions resulted. Maher notes that there was a questionable increase in resources, the government was still required to prove specific intent, and although future frauds might be prosecuted using FERA, the Ex Post Facto Clause of the U.S. Constitution would bar charges against those engaged in problematic actions before the enactment of FERA. Id. at 465.

6In August 2012, for example, the U.S. Department of Justice determined that it had no basis to prosecute Goldman Sachs employees in regard to allegations in the Levin–Coburn Report that Goldman Sachs made large profits from marketing collateralized debt obligations (CDO) securities backed by subprime mortgage loans as safe investments to clients, while betting against the same securities. See Dominique Debucquoy-Dodley, No ‘Viable Basis’ to Prosecute Goldman, Justice Department Says, CNN (Aug. 10, 2012, 7:13 AM), ; infra note 17. Goldman Sachs nonetheless paid $550 million in settlement of civil claims with regard to the activity in question. Phil Mattingly & Robert Schmidt, U.S. Agencies Probing Goldman Findings After Senate Referral, Bloomberg (May 4, 2011, 12:01 AM), .

7Richard McGregor & Aaron Stanley, Banks Pay Out $100bn in U.S. Fines, Fin. Times (Mar. 25, 2014, 6:42 PM), (quoting Tony Fratto of Hamilton Place Strategies as stating that the fines were “very substantial”).

8See Jason M. Breslow & Evan Wexler, How JP Morgan’s $13 Billion Settlement Stacks Up, Frontline: The Untouchables (Nov. 19, 2013, 8:57 PM), . This Article reports settlements made with financial institutions for abuses involving the type of mortgage-related activities that led to the financial crisis, including a $25 billion settlement with Bank of America Chase, JP Morgan Chase, Wells Fargo, Citigroup, and Ally Financial; a $13 billion settlement with JP Morgan Chase; a $550 million settlement with Goldman Sachs, and a $417 million settlement with JP Morgan and Credit Suisse. Id. In July 2014, Citigroup agreed to a $7 billion settlement with the Department of Justice, arising from Citigroup repeatedly ignoring warnings that a significant portion of the mortgages it packaged and sold to investors in 2006 and 2007 had underwriting defects. See Jason M. Breslow, Citigroup to Pay $7 Billion to End Mortgage Deal Probe, Frontline: The Untouchables (July 14, 2014, 1:03 PM), ; see also Andrew Grossman & Christina Rexrode, Citi to Pay $7 Billion to Settle Loan Probe, Wall St. J., July 15, 2014, at A1. In August 2014, a settlement of $16 billion was announced with Bank of America, the largest in U.S. corporate history. Christina Rexrode & Andrew Grossman, BofA Accord Ends a Long Legal Drama, Wall St. J., Aug. 22, 2014, at C1. The U.S. Department of Justice is reportedly engaged in settlement negotiations with a number of banks, and there is some evidence that fines are getting stiffer. Id.

9McGregor & Stanley, supra note 7 (“A little more than $52bn of the total was paid out in 2013 alone. . . . JPMorgan Chase, Bank of America, Citigroup, Wells Fargo, Morgan Stanley, and Goldman Sachs [] had combined earnings of $76bn in 2013 . . . .”).

10Id. (quoting Professor Anat Admati of Stanford University).

11John C. Coffee, Jr., Adolph A. Berle Professor of Law, Columbia Univ. Law Sch., Presentation at the New York City Bar 1st Annual Securities Regulation and Enforcement Institute Program: Securities Enforcement: What Has Happened? Why Are Folks Upset? What Can Be Done? (Dec. 11, 2012), .

12See Claire A. Hill & Richard W. Painter, Why S.E.C. Settlements Should Hold Senior Executives Liable, N.Y. Times (May 29, 2012, 11:28 AM), (arguing that when penalties are assessed only against an entity, the individuals responsible have little incentive to change their behavior and thus, in order to change that incentive, individuals should also be personally liable); see also Claire Hill & Richard W. Painter, Berle’s Vision Beyond Shareholder Interests: Why Investment Bankers Should Have (Some) Personal Liability, 33 Seattle U. L. Rev. 1173, 1187–89 (2010) (arguing that high-level bankers should be held personally liable).

13See, e.g., Mary Jo White, U.S. SEC Chair, Speech at the Council of Institutional Investors Fall Conference in Chicago, IL: Deploying the Full Enforcement Arsenal (Sept. 26, 2013), (observing two reasons for this greater deterrence: that economic actions taken against individuals not only require them to pay out of their only pockets but also impose reputational costs—a form of shaming—causing the individuals to lose social standing). The reputational costs might also include, of course, the inability to continue working in the financial sector. Id.

14Some argue that adding the threat of personal liability to the threat of firm-level liability should be the optimal deterrent. See, e.g., A. Mitchell Polinsky & Steven Shavell, Should Employees Be Subject to Fines and Imprisonment Given the Existence of Corporate Liability?, 13 Int’l Rev. L. & Econ. 239, 246–50 (1993) (arguing that personal liability is needed in addition to firm-level liability to reach the optimal level of deterring corporate moral hazard); Cedric Argenton, Eric van Damme & Sigrid Suetens, Optimal Deterrence of Illegal Behavior Under Imperfect Corporate Governance 26 (Tilburg Law & Econ. Ctr., Working Paper No. 2014-053, 2014), (same).

15See, e.g., Tracy Alloway, US Banks Warn on ‘Excessive’ Risk-Taking, Fin. Times (Aug. 6, 2014, 3:53 PM), (reporting that a member of the Treasury Borrowing Advisory Committee, a group of banks and investors selected to help advise on markets and the economy, “warned the U.S. Treasury Department that low volatility in many financial markets is creating a feedback loop that exacerbates ‘excessive risk-taking’ by investors”); Victoria McGrane, Obama Meets Top U.S. Financial Regulators at White House, Wall St. J. (Oct. 6, 2014, 6:11 PM), (observing executive branch frustration that “Wall Street is still taking on too much risk in the pursuit of self-enrichment”).

16Cf. Press Release, U.S. Senate Permanent Subcomm. on Investigations, Senate Investigations Subcommittee Releases Levin-Coburn Report On the Financial Crisis (Apr. 13, 2011), (statement by Senator Tom Coburn attributing blame for the financial crisis to “Wall Street bankers who let greed run wild”). Given that many of the activities that led to the financial crisis occurred in 2006 and 2007, the window of opportunity to pursue personal liability cases stemming from the crisis may have passed.

17Id.

18Eric Holder, U.S. Att’y Gen., Remarks on Financial Fraud Prosecutions at New York University School of Law (Sep. 17, 2014), ; cf. Ted Kaufman, Opinion, Why DOJ Deemed Bank Execs Too Big to Jail, Forbes (July 29, 2013, 9:30 AM), (quoting Lanny Breuer, head of the Criminal Division of the U.S. Department of Justice, who observed that “[t]he strongest deterrent against corporate crime is the prospect of prison time for individual employees”); Jed S. Rakoff, The Financial Crisis: Why Have No High-Level Executives Been Prosecuted?, N.Y. Rev. Books, Jan. 9, 2014, at 4 (arguing that the individual prosecution is a better deterrent and more technically and morally sound than prosecuting a company); Benjamin M. Lawsky, Superintendent, N.Y. State Dep’t of Fin. Serv., Address at the Exchequer Club (Mar. 19, 2014), (“[R]eal deterrence, in my opinion, means a focus not just on corporate accountability, but on individual accountability.”).

19In theory, this Article’s analysis can apply to any type of firm that engages in business. In practice, the analysis is intended primarily to apply to systemically important firms—that is, firms whose failure would be likely to have systemic consequences.

20Cf. infra note 22 and accompanying text (observing that the risk-taking leading to the financial crisis resulted not from criminal intent but from poor decisions, bad judgment, and greed).

21Cf. Jean Eaglesham, Financial Crimes Bedevil Prosecutors, Wall St. J. (Dec. 6, 2011), (reporting that some legal experts have explained that “most controversial behavior [such as risk-taking] likely was a product of poor judgment, not criminal wrongdoing”); Peter J. Henning, Making Misconduct a Crime, N.Y. Times (June 24, 2013, 2:13 PM), (observing the Department of Justice’s explanation for the lack of criminal prosecutions of corporate executives for risktaking: “the difficulty prosecutors face in proving an individual’s specific intent to commit a crime”).

22Christine Hurt, The Duty to Manage Risk, 39 J. Corp. L. 253, 256–57 (2014). There are, of course, other reasons advanced for the financial crisis. See, e.g., Arthur E. Wilmarth, Jr., Turning a Blind Eye: Why Washington Keeps Giving in to Wall Street, 81 U. Cin. L. Rev. 1283, 1283–84 (2013) (maintaining that the financial crisis resulted from Wall Street’s alleged co-option of politicians and regulators).

23Interview by Frontline with Lanny Breuer, Head of Criminal Div., U.S. Dep’t of Justice (Nov. 30, 2012) (emphasis added), . Breuer suggests, as does this Article, that civil liability is the more appropriate remedy: “[I]f you can establish that you . . . were open about your greed, that you were open about [and disclosed] the fact that your representations may not be precise [and the other side accepts that or doesn’t care], do I think we . . . . should sue you for every penny you’re worth? I think we should sue you for every penny you’re worth.” Id.

24Cf. Rakoff, supra note 18 (arguing that criminal liability should be imposed if the Great Recession arose from “fraudulent practices, of dubious mortgages portrayed as sound risks and packaged into ever more esoteric financial instruments, the fundamental weaknesses of which were intentionally obscured”).

25Cf. Holder, supra note 18 (“Between 2009 and 2013, the Justice Department charged more white-collar defendants than during any previous five-year period going back to at least 1994.”). There is a related inquiry that is beyond the scope of this Article: whether certain types of financial fraud cases are becoming difficult to criminally prosecute because their complexities undermine the ability of prosecutors to prove guilt beyond a reasonable doubt. For more information on the failed securities-fraud criminal case against two Bear Stearns hedge fund managers that may exemplify this type of case, see infra note 81 and accompanying text. Attorney General Holder observes thatwhen it comes to more complex transactions that involve more sophisticated traders—as opposed to run-of-the-mill “liar loan” cases or out-and-out Ponzi schemes—a criminal prosecution of an individual can be difficult, more complicated, to mount. This is true for any number of reasons—from possible advice-of-counsel defenses; to the adequacy or inadequacy of written disclosures; to the difficulty to establish materiality and intent. And in some instances, it is simply not possible to establish knowledge of a particular scheme on the part of a high-ranking executive who is far removed from a firm’s day-to-day operations.This has been a source of frustration for the public for a long time.Holder, supra note 18.

26See infra notes 137–39 and accompanying text. This Article does not examine all forms of optimal regulation that could limit excessive risk-taking or its systemic consequences; its scope is limited to regulation that imposes personal liability to deter excessive risk-taking. Thus, the Article does not consider, for example, whether to break up systemically important firms. I am, however, separately comparing regulation that imposes personal liability to deter excessive risk-taking with other forms of regulation. See infra note 142.

27See Fin. Crisis Inquiry Comm’n, supra note 3, at xvii–xix; Hurt, supra note 22, at 254–57 (observing that most of the actions leading to the financial crisis represented excessive corporate risk-taking); Lew, supra note 3.

28Cf. Gabriel Jiménez, Jose A. Lopez & Jesús Saurina, How Does Competition Impact Bank Risk-Taking? 2 (Fed. Reserve Bank of S.F. Working Paper Series, Paper No. 2007-23, 2007), (arguing that increasing competition among banks increases the need to engage in risk-taking: “Competition [in banking] should . . . encourage [banks] to pursue riskier policies in an attempt to maintain [their] former profits”).

29See Eduardo Porter, Recession’s True Cost Is Still Being Tallied, N.Y. Times (Jan. 21, 2014), (observing that regulations that require financial institutions to increase capital cushions to buffer against risks and potential losses have been criticized for cutting into global economic output and reducing jobs).

30Hurt, supra note 22, at 290 (“If excessive risk-taking harms anyone, it is the shareholder.”); cf. Robert T. Miller, Oversight Liability for Risk-Management Failures at Financial Firms, 84 S. Cal. L. Rev. 47, 110 (2010) (observing and expanding that traditional view by listing four different ways in which financial risks can be excessive, one them being risks in excess of the shareholders’ risk tolerance).

31See, e.g., Steven L. Schwarcz, Rethinking a Corporation’s Obligations to Creditors, 17 Cardozo L. Rev. 647, 679 (1996). Shareholders tend to be risk-seeking because they typically benefit fully from an increase in a firm’s value but only partially are harmed by a decrease. Creditors tend to be more risk-averse because they typically do not benefit from an increase in a firm’s value and are harmed by a fall in the firm’s value that causes insolvency. Id. at 674.

32The exception is a firm’s insolvency, and arguably also its “contingent insolvency,” when the firm’s creditors effectively become senior residual equity claimants. See Schwarcz, supra note 31, at 671–72 (explaining this and defining contingent insolvency).

33Id. at 651 & n.12.

34See infra note 139 and accompanying text (discussing public control through privately enforced rights).

35Hurt, supra note 22, at 258–59; e.g., Miller, supra note 30, at 89–90. Other private remedies are available too, including the ability of investors to sell their securities and to cause poor managers to be removed. Hurt, supra note 22, at 258.

36Cf. Steven L. Schwarcz, Systemic Risk, 97 Geo. L.J. 193, 204 (2008) (defining systemic risk). The “real economy” means the economic reality, such as a recession, that people actually experience.

37See, e.g., Wulf A. Kaal & Richard W. Painter, Initial Reflections on an Evolving Standard: Constraints on Risk Taking by Directors and Officers in Germany and the United States, 40 Seton Hall L. Rev. 1433, 1438, 1441, 1465 (2010) (observing the controversy over “whether there is any such thing as excessive risk, and if so, how excessive risk is to be defined”).

38See infra notes 131–36 and accompanying text. Another factor causing this confusion is that, because the law increasingly lags financial innovation, many actions taken by financial firms will not be illegal when taken although they may later become illegal. See infra notes 54– 56 and accompanying text.

39Cf. infra notes 131–36 and accompanying text (observing that economic harm is not always caused by wrongdoers).

40This Article’s analysis is not limited to banks or even to financial firms generally. Rather, it should apply to any type of firm whose failure could have systemic consequences. The United States and other foreign governments are currently grappling with how to define those types of firms. Cf. Daniel Schwarcz & Steven L. Schwarcz, Regulating Systemic Risk in Insurance, 81 U. Chi. L. Rev. 1569, 1580–84 (2014) (discussing the criteria of interconnectedness, substitutability, and size that governments are using to define systemically important firms).

41Miller, supra note 30, at 109–10 (observing that when different types of “excessive risk” are distinguished, the type that may have been the actual cause of the financial crisis may be different from the type used to justify imposition of personal liability); Schwarcz, supra note 36, at 206 (observing that harm to the real economy hurts the public).

42Cf. Viral Acharya et al., How to Measure and Regulate Systemic Risk, NYU Leonard N. Stern Sch. Bus., 1, 4, (arguing that current financial regulation does not provide the incentives to internalize negative externalities) (last visited Nov. 1, 2015).

43Schwarcz, supra note 36, at 206. The collapse of Lehman Brothers illustrates this. Lehman Brothers had engaged in highly profitable, but also high-risk and high-leverage, business strategies. The financial stresses caused by “defaults in the subprime mortgage and commercial real estate markets” then caused Lehman Brothers to default, roiling financial markets and threatening the entire U.S. economy with collapse. Edward J. Estrada, The Immediate and Lasting Impacts of the 2008 Economic Collapse—Lehman Brothers, General Motors, and the Secured Credit Markets, 45 U. Rich. L. Rev. 1111, 1115 (2011).

44Miller, supra note 30, at 117 (describing this as “an example of a well-understood type of collective action problem—a tragedy of the commons”); see also Schwarcz, supra note 36, at 206.

45Steven L. Schwarcz, Controlling Financial Chaos: The Power and Limits of Law, 2012 Wis. L. Rev. 815, 821.

46Id.

47Creditors, for example, still try to protect their (risk-averse) interests through contractual covenants, but those covenants do not purport, and are not required, to protect against systemic risk.

48Cf. Miller, supra note 30, at 109–10 (arguing that the difficulty of imposing personal liability for excessive risk-taking stems from the fact that there are various meanings of excessive risk, including “excessive systemic risk, that is, risk in excess of what can be socially justified”).

49See infra Part III.A.

50CDOs are asset-backed securities that are backed by—and thus their payment derives principally or entirely from—a mixed pool of mortgage loans, other financial assets owned by a special-purpose entity, or both. Steven L. Schwarcz, Protecting Financial Markets: Lessons from the Subprime Mortgage Meltdown, 93 Minn. L. Rev. 373, 376 (2008). By using CDOs as an example, I am not suggesting that designing a CDO is inherently bad, much less illegal. In my experience, if the financial assets backing a CDO are diversified loan obligations, the CDO’s securities may well be a prudent investment. Greater risk can arise, however, where those financial assets themselves consist of already leveraged asset-backed securities (ABS) or derivatives (such as credit–default swaps). Id. at 376–77, 376 n.19. CDO transactions involving financial assets consisting of ABS or derivatives are sometimes referred to as “resecuritizations” or ABS CDO transactions—the latter term referring to a CDO of ABS. Id. at 376–77. An ABS CDO transaction backed by derivatives is sometimes also referred to as a “synthetic” transaction. Id. at 376 n.19.

51Holder, supra note 18.

52Thomas W. Malone, Making the Decision to Decentralize, Harv. Bus. Sch.: Working Knowledge (Mar. 29, 2004), ; cf. Chris Joseph, The Advantages of a Decentralized Organizational Structure, Hous. Chron., (last visited Nov. 1, 2015) (arguing that decentralization empowers employees, creates more efficient decision-making, and eases the burden of expansion).

53Panos Mourdoukoutas, Business Strategy in a Semiglobal Economy 125 (2006).

54See, e.g., Erik F. Gerding, Law, Bubbles, and Financial Regulation 500 (2014). Gerding stated thatanother persistent challenge to financial regulators . . . [is] keeping up with the pace of private sector financial innovation. The rapid development of new financial instruments, transactions, and markets confounds the ability of regulators to understand the true purpose behind these inventions . . . let alone to spot systemic and other risks.Id.; Eric J. Pan, Understanding Financial Regulation, 2012 Utah L. Rev. 1897, 1934 (“Regulators must manage complexity. The development of new financial products stresses the capacity of regulators to keep up and understand how to regulate these instruments.”); Steven L. Schwarcz, Regulating Complexity in Financial Markets, 87 Wash. U. L. Rev. 211, 240 (2009).

55Cf. Henry T.C. Hu, Misunderstood Derivatives: The Causes of Informational Failure and the Promise of Regulatory Incrementalism, 102 Yale L.J. 1457, 1499 (1993) (arguing that regulators cannot keep up with the development of complex derivatives products because of the time lag); Edward J. Kane, Hair of the Dog that Bit Us: The Insufficiency of New and Improved Capital Requirements 6 (Aug. 11, 2014) (unpublished manuscript), (“In the metagame of controlling regulation-induced risk-taking, regulators are outcoached, outgunned, and always playing from behind.”).

56See generally Steven L. Schwarcz, Intrinsic Imbalance: The Impact of Income Disparity on Financial Regulation, 78 Law & Contemp. Probs. 97 (2015) (discussing how income disparity, coupled with the complexity of financial products and markets, creates “information asymmetry” between regulators and the industry).

57See infra note 139 and accompanying text.

58See, e.g., Franklin A. Gevurtz, The Role of Corporate Law in Preventing a Financial Crisis: Reflections on In re Citigroup Inc. Shareholder Derivative Litigation, 23 Pac. McGeorge Global Bus. & Dev. L.J. 113, 127 (2010) (observing that the concept of “[i]mposing liability to pay the damages resulting from unreasonable risks . . . . is a pillar of tort law”).

59Steven L. Schwarcz, The Governance Structure of Shadow Banking: Rethinking Assumptions About Limited Liability, 90 Notre Dame L. Rev. 1, 22 (2014).

60Id.

61See supra note 50 (explaining ABS CDO securities).

62Arguably, another example of a change in the intersection of law and finance that is impeding the imposition of personal liability might be that regulatory coordination is diminishing. Financial regulators sometimes attempt to coordinate their efforts in order to increase effective regulation and decrease duplication. U.S. Gov’t Accountability Off., GAO-12-151, Dodd-Frank Act Regulations: Implementation Could Benefit from Additional Analyses and Coordination 20 (2011). Professor Utset argues, for example, that a regulatory agency may delay imposing personal liability for financial wrongdoing due to a mistaken belief that another agency will. Manuel A. Utset, Rational Financial Meltdowns, 10 Hastings Bus. L.J. 407, 430–31 (2014). This coordination problem is especially problematic where multiple agencies—such as the SEC, the Consumer Financial Protection Bureau (CFPB), and the DOJ—have jurisdiction. See id. Therefore, this coordination problem will ultimately lead to under-enforcement if each of the agencies mistakenly believes that another agency is taking care of the problem. Id. The problem with this example is that, in response to the financial crisis, the Dodd–Frank Act requires the Financial Stability Oversight Council (FSOC) to “facilitate interagency coordination by facilitating information sharing and coordination among its member agencies and other federal and state agencies on the development of financial services policy, rulemaking, examinations, reporting requirements, and enforcement actions.” U.S Gov’t Accountability Off., supra at 21 (citing 12 U.S.C. § 5322(a)(2)(E)). Therefore, even if regulatory coordination was diminishing prior to the financial crisis, it now is likely to increase.

63Recall that tort law constitutes public control through privately enforced rights. See infra note 139 and accompanying text. Another reason that tort law might be more effective in internalizing systemic harm when applied to firms, rather than individuals, is that “the notion of risk in torts is very different from the notion of risk in finance.” Miller, supra note 30, at 122.

64Steven L. Schwarcz & Lucy Chang, The Custom-to-Failure Cycle, 62 Duke L.J. 767, 789–90, 789 n.108 (2012) (citing Guido Calabresi, Some Thoughts on Risk Distribution and the Law of Torts, 70 Yale L.J. 499, 529 (1961)).

65Id. at 789.

66Id.

67Id. at 789–90.

68Judge Rakoff suggests that there is another reason why changes in prosecutorial behavior may be impeding the imposition of personal liability: the reluctance to prosecute may partly derive from the federal government’s own role in inadvertently triggering the financial crisis, including de-regulation, lax banking oversight, keeping interest rates low, and the encouragement of subprime lending to provide housing for low-income people. See Rakoff, supra note 24. Any such reluctance, however, should logically apply not only to imposing personal liability but also to imposing firm-level liability.

69United States v. Arthur Andersen, LLP, 374 F.3d 281 (5th Cir. 2004) (affirming the trial court’s conviction of Arthur Andersen for obstruction of justice for destroying Enron’s documents after the government commenced its investigation of Enron’s accounting), rev’d, Arthur Andersen, LLP v. United States, 544 U.S. 696 (2005); Jesse Eisinger, The Fall Guy: There’s a Reason Only One Top Banker Went to Jail for the Financial Crisis, N.Y. Times Mag., May 4, 2014, at 34. Ironically, this conviction was overturned by the Supreme Court in 2005 because the trial court erred by granting the government’s request to loosen the standard jury instructions. Andersen, 544 U.S. 696.

70Randall W. Forsyth, Too Big to Jail, Barron’s, March 11, 2013, at 5. Attorney General Holder expressed concerns that “if you do prosecute, if you do bring a criminal charge, it will have a negative impact on the national economy, perhaps even the world economy.” Id. Holder later said his comments were misconstrued. In a weekly video address, he promised aggressive enforcement, saying that there was no such thing as “too big to jail,” clarifying that enforcement should be coupled with consultation with regulators to avoid broader economic impacts. The Justice Department, No Company or Individual Is Too Big to Jail, YouTube (Oct. 15, 2014), .

71Lanny A. Breuer, Assistant Att’y Gen., U.S. Dep’t. of Justice Criminal Div., Address at the New York City Bar Association: The Role of Deferred Prosecution Agreements in White Collar Criminal Law Enforcement (Sept. 13, 2012), .

72The precedents cited go to firm-level criminal liability, sometimes referred to as “too big to jail.” I later discuss firm-level civil liability. See infra Part II.

73Professor Levitin raises other possible explanations for prosecutorial risk aversion. One is the “deep personal, cultural, financial and political ties” between the administration and Wall Street as well as a “fear that the Obama administration would be accused of an anti-business witch hunt if it went after Wall Street.” Joe Nocera, Opinion, The Hole in Holder’s Legacy, N.Y. Times (Sept. 29, 2014), (quoting Professor Levitin in a personal email to the author). Again, this explanation fails to account for the move to prosecute firms rather than individuals. Another explanation Nocera advances for prosecutorial risk aversion is “a lack of understanding of the products and markets involved.” Id.

74See, e.g., Michael Edmund O’Neill, When Prosecutors Don’t: Trends in Federal Prosecutorial Declinations, 79 Notre Dame L. Rev. 221, 224 (2003) (“Scarce resources . . . dictate that prosecutors will be unable to pursue each matter that is placed upon their desk for consideration.”); cf. Adam M. Gershowitz & Laura R. Killinger, The State (Never) Rests: How Excessive Prosecutorial Caseloads Harm Criminal Defendants, 105 Nw. U. L. Rev. 261, 264 (2011) (“Because they are overburdened, prosecutors—who are sworn to achieve justice, not to win at all costs—lack the time and resources to carefully assess which defendants are most deserving of punishment.”). Gershowitz and Killinger further explain that “[o]verburdened prosecutors who lack the time to thoroughly investigate cases, subpoena witnesses, meet with experts, and complete a host of other tasks will find themselves disadvantaged at trial. Guilty defendants who should be convicted go free because prosecutors lack the time and resources necessary to win at trial.” Id. at 265; cf. Utset, supra note 62, at 429 (arguing that regulators delay monitoring and disciplining financial institutions because of budgetary limitations).

75Rakoff, supra note 18, at 6. Judge Rakoff observes thatbefore 2001, the FBI had more than one thousand agents assigned to investigating financial frauds, but after September 11 many of these agents were shifted to antiterrorism work. Who can argue with that? Yet the result was that, by 2007 or so, there were only 120 agents reviewing the more than 50,000 reports of mortgage fraud filed by the banks.Id.

76Id.

77See supra notes 10–11 and accompanying text.

78See text accompanying notes 1–6.

79See Urska Velikonja, Leverage, Sanctions, and Deterrence of Accounting Fraud, 44 U.C. Davis L. Rev. 1281 (2011) (arguing that wrongdoing insiders are rarely sanctioned due to prohibitive costs and managers’ control of discovering individual identities and actions of this information); Eisinger, supra note 69, at 34.

80Nocera, supra note 73 (“[O]ver the years, the [U.S.] Justice Department saw ‘an erosion of the department’s actual trial skills.’” (quoting Eisenger, supra note 69, at 34)).

81Eisinger, supra note 69. In the Justice Department’s single foray into bringing a criminal case against individuals involved in the financial crisis, the two accused Bear Stearns hedge fund managers were acquitted. Amir Efrati & Peter Lattman, U.S. Loses Bear Fraud Case, Wall St. J., Nov. 11, 2009, at A.1, http://www.wsj.com/articles/SB125788421912541971. Jurors found there was no evidence of criminal intent beyond a reasonable doubt, with one juror saying that the prosecution had not provided enough information. Id.; cf. Zaring, supra note 4, at 1441 (arguing that the lack of prosecutions following the financial crisis is due, in part, to the government’s belief that these cases are too difficult to win).

82Recall that this Article focuses on civil personal liability. Cf. supra notes 20–23 and accompanying text (explaining this limited focus).

83SEC v. Citigroup Global Capital Mkts., 827 F. Supp. 2d. 328, 329 (S.D.N.Y. 2011), vacated, 752 F.3d 285 (2d Cir. 2014).

84SEC v. Stoker, 865 F. Supp. 2d 457 (S.D.N.Y. 2012).

85Cf. Schwarcz, supra note 50 (explaining ABS CDO transactions). The SEC alleged, among other things, that $500 million of the assets included in the ABS CDO had been falsely marketed to investors as having been selected by a third party, using the third party’s proprietary selection process, and that the marketing materials failed to disclose that Citigroup separately bet against those assets. Stoker, 865 F. Supp. 2d at 462.

86Peter Lattman, A Jury’s Message for Wall Street, N.Y. Times, Aug. 4, 2012, at B1, http://query.nytimes.com/gst/fullpage.html?res=9C04EED71739F937A3575BC0A9649D8B63.

87Id. (quoting the jury foreman as wondering why Citigroup’s CEO wasn’t on trial). The jury also issued the following statement, which was read by presiding Judge Rakoff: “This verdict should not deter the S.E.C. from investigating the financial industry, to review current regulations and modify existing regulations as necessary.” Peter Lattman, Jury Clears Ex-Manager at Citigroup in Debt Case, N.Y. Times, Aug. 1, 2012, at B1, http://query.nytimes.com/gst/fullpage.html?res=9A0DE5DD1230F932A3575BC0A9649D8B63; see also Marian Wang, Why No Financial Crisis Prosecutions? Ex-Justice Official Says It’s Just Too Hard, ProPublica (Dec. 6, 2011, 3:08 PM), .

88James Sterngold, Dan Fitzpatrick & Nick Timiraos, BofA, Ex-CEO Lewis Settle Crisis-Era Suits, Wall St. J. (Mar. 26, 2014, 7:24 PM), .

89Id.

90Rakoff, supra note 18.

91Id.

92See infra notes 96–99 and accompanying text.

93Rakoff, supra note 18.

94But see Rakoff, supra note 18. Even tort law might be more effective, as discussed, when applied to firms rather than to individuals. See Schwarcz & Chang, supra note 64; see also Miller, supra note 30, at 122.

95See supra notes 12–14 and accompanying text.

96A DPA is a contractual arrangement between a firm and the government that enables the firm to avoid prosecution in return for agreeing to act responsibly in the future. See Wulf A. Kaal & Timothy A. Lacine, The Effect of Deferred and Non-Prosecution Agreements on Corporate Governance: Evidence from 1993–2013, 70 Bus. Law. 61, 63 (2015). In a typical DPA, the government “imposes sanctions, such as fines, restitution, and institutional changes,” or imposes particular reporting duties. Id. If (as applicable) the firm observes those sanctions, pays the fines and restitution, makes the requested changes, and provides the reporting, it can avoid prosecution. Id. This Article uses the more common term, DPA, to also include a non-prosecution agreement (NPA). Technically, a DPA refers to an arrangement that dismisses filed charges and an NPA refers to an arrangement not to file charges in the first place. Id.

97See Breuer, supra note 71.

98Id.

99Jennifer Arlen, Corporate Criminal Liability: Theory and Evidence, in Research Handbook on the Economics Criminal Law 144, 169 (Alon Harel & Keith N. Hylton eds., 2012); cf. Kaal & Lacine, supra note 96, at 62, 119 (arguing that deferred and non-prosecution agreements have increased substantially in recent years and have led to broad changes and improvements to corporate governance).

100See, e.g., Mike Koehler, The Foreign Corrupt Practices Act Under the Microscope, 15 U. Pa. J. Bus. L. 1, 19 (2012) (“[DPAs] allow egregious instances of corporate conduct to be resolved too lightly. Because the government does not file actual charges to which a company must plead, such conduct is often resolved without adequate sanctions and without achieving maximum deterrence.”).

101Brandon L. Garrett, Recidivist Banks, Brandon L. Garrett (Oct. 30, 2014), . Garrett further observes that the DPAs implemented from 2001 to 2012 have been largely ineffective due, in part, to fines that have lacked any meaningful impact. Brandon L. Garrett, Too Big to Jail: How Prosecutors Compromise With Corporations 67–70 (2014). DPAs also have failed to require companies to assess the effectiveness of compliance programs, and there have been very few monitors overseeing such agreements:[T]he more I have examined how prosecutors have actually implemented the [DPA] approach, the more troubled I have become. Prosecutors allow many large companies to avoid an indictment or a conviction, largely freeing them from judicial oversight . . . .. . . The terms of these agreements often lack any rigorous structural reforms. Most did require the creation of some kind of compliance program (63 percent, or 160 of 255 agreements), but only a quarter called for independent monitors to supervise compliance, and fewer required evaluating the effectiveness of compliance. . . . The agreements were short-lived, lasting for an average of just over two years. It is doubtful that a large company’s culture can be reformed in so little time. Despite the genuine ambition of the new approach, reading the terms of these agreements tells us something quite unsettling about how large corporate prosecutions are actually resolved.Id. at 47–48.

102See, e.g., Ben Protess & Jessica Silver-Greenberg, Repeat Offenses Are Suspected on Wall Street, N.Y. Times, Oct. 30, 2014, at A1. For example, prosecutors in Washington and New York are investigating whether the British bank, Standard Chartered, repeatedly violated a DPA entered into as part of a 2012 settlement over accusations that it transferred billions of dollars to nations blacklisted by the United States. Id. As Protess and SilverGreenberg point out, “The cycle of misbehavior is difficult to break. Regulators and prosecutors blame a culture that prioritizes profit over compliance. And as banks have grown larger, and more international, illegality can stop in one unit of a bank even as it flourishes in another.” Id.

103See, e.g., U.S. Gov’t Accountability Off., GAO-10-110, Corporate Crime: DOJ Has Taken Steps to Better Track Its Use of Deferred and Non-Prosecution Agreements, but Should Evaluate Effectiveness 2 (2009) (“DOJ views DPAs and NPAs as appropriate tools to use in cases where the goals of punishing and deterring criminal behavior, providing restitution to victims, and reforming otherwise law-abiding companies can be achieved without criminal prosecution.”); cf. Jed S. Rakoff, Justice Deferred Is Justice Denied, N.Y. Rev. Books (Feb. 19, 2014), (observing that the “intellectual origins” of DPAs “can be traced back at least to the 1980s, when various academics suggested that the best way to deter ‘crime in the suites’ was to foster a culture within companies of acting ethically and responsibly”).

104See supra text accompanying note 39; cf. infra notes 132–34 and accompanying text (observing that economic harm is not always caused by wrongdoers). Furthermore, until this Article, excessive systemic corporate risk-taking had not even been clearly defined.

105See supra note 69 and accompanying text.

106See supra notes 69–71 and accompanying text.

107John C. Coffee, Jr., “No Soul to Damn: No Body to Kick”: An Unscandalized Inquiry into the Problem of Corporate Punishment, 79 Mich. L. Rev. 386, 401 (1981).

108See, e.g., Kaal & Lacine, supra note 96, at 63–64.

109Id. at 69.

110See supra notes 101–02 and accompanying text (observing that some firms continue to engage in actions prohibited by DPAs); see also Court E. Golumbic & Albert D. Lichy, The “Too Big to Jail” Effect and the Impact on the Justice Department’s Corporate Charging Policy, 65 Hastings L.J. 1293, 1312 n.126 (2013) (citing Elkan Abramowitz & Barry A. Bohrer, The Debate About Deferred and Non-Prosecution Agreements, 248 N.Y. L.J., Nov. 6, 2012, at 3 (“DPAs . . . allow[] corporate criminals to receive no more than a slap on the wrist and make the decision to police criminal activity within a corporation ‘just another dollars-and-cents decision.’” (alteration in original))).

111A partial solution to reduce this moral hazard might be for prosecutors to utilize constructive ambiguity, sometimes offering firms DPAs and sometimes prosecuting or fining them. The use of constructive ambiguity prior to the financial crisis to try to reduce moral hazard suggests, however, that it can be ineffective. Once the Federal Reserve bailed out Bear Stearns, everyone expected it to bail out Lehman Brothers. U.S. Fin. Crisis Inquiry Comm’n, supra note 3, at 482–83. Moreover, the shock caused by the Fed’s failure to bail out Lehman Brothers was the final straw that triggered the collapse that led to the financial crisis. See id. (explaining that market participants did not expect the Federal Reserve to fail to rescue Lehman after Bear’s bailout and, thus, the resulting economic uncertainty caused the banks to hoard cash and stop all lending to other banks).

112See supra Part I (discussing the changes impeding the imposition of personal liability).

113See supra Part I.C.2.

114There might be legal ways, however, to try to increase the effectiveness of those resources, such as by outsourcing prosecutions to expert trial lawyers. Cf. Steven L. Schwarcz, To Make or to Buy: In-House Lawyering and Value Creation, 33 J. Corp. L. 497 (2008) (examining the comparative efficiency of using in-house lawyers or hiring outside counsel).

115Cf. Manuel Sánchez, Financial Innovation and the Global Crisis, 5 Int’l J. Bus. & Mgmt., Nov. 2010, at 26, 31 (arguing that in order to reduce the possibility of future financial instability, “regulation and supervision should help align the incentives of market participants towards prudent risk taking,” which can be accomplished without impeding financial innovation).

116A “cost–benefit analysis,” which in economic terms parallels a Kaldor–Hicks efficiency analysis, generally seeks to provide guidance on the formation of policy by comparing the policy’s benefits and costs. Lewis A. Kornhauser, On Justifying Cost-Benefit Analysis, 29 J. Legal Stud. 1037, 1037–39 (2000). Its main justification is pragmatic, in that it “often seems to improve the quality of decisions.” Richard A. Posner, Cost-Benefit Analysis: Definition, Justification, and Comment on Conference Papers, 29 J. Legal Stud. 1153, 1159 (2000) (quoting Kornhauser, supra, at 1038). It also can promote efficiency; see, e.g., Robert B. Ahdieh, Reanalyzing Cost-Benefit Analysis: Toward a Framework of Function(s) and Form(s), 88 N.Y.U. L. Rev. 1983, 2010 (2013) (arguing that cost–benefit analysis promotes efficiency by helping to achieve better outcomes, reduce cognitive biases, and more effectively set priorities).

117See, e.g., John C. Coates IV, Cost-Benefit Analysis of Financial Regulation: Case Studies and Implications, 124 Yale. L.J. 882, 968 (2015). Coates examines how cost–benefit analysis would work in practice if applied to financial regulation. To that end, he engages in case studies of six financial rules. He finds that quantified cost–benefit analysis of those rules can be no more than “guesstimated.” Id. at 1011.

118Some have argued, at least informally, that financial innovations are inherently less valuable than technological innovations. But cf. Kathryn Judge, Fee Effects, 98 Iowa L. Rev. 1517, 1533, 1568 (2013) (“The primary function of the capital markets is to allocate scarce resources among different projects, ideally based upon the expected returns of each.”); Sánchez, supra note 115, at 26–28 (arguing that, as long as excessive risk-taking is discouraged, financial innovation can directly improve economic well-being, benefit societies, increase material well-being, allocate financial resources to their most productive uses, lower the cost of capital, and benefit households and corporations); Ben S. Bernanke, Chairman, Fed. Reserve Sys., Address at the Federal Reserve System’s Sixth Biennial Community Affairs Research Conference: Financial Innovation and Consumer Protection (Apr. 17, 2009), (arguing that “financial innovation has improved access to credit, reduced costs, and increased choice” in the financial markets, as illustrated by the development of the secondary mortgage market—which has given “mortgage lenders greater access to the capital markets, lower[ed] transaction costs, and spread[] risk more broadly”—and the innovation of credit cards, which has improved communications, management of data, and credit scoring).

119 E.g., supra note 17 and accompanying text (describing the financial crisis as an “economic assault that cost millions of Americans their jobs and homes, while wiping out investors, good businesses, and markets”); cf. Thomas M. Hoenig, Vice Chairman, Fed. Deposit Ins. Corp., Speech Before the Institute of International and European Affairs: Global Banking: A Failure of Structural Integrity (Dec. 13, 2013) (observing that the concentration and complexity of banking institutions have left the U.S. economy increasingly vulnerable to industry mistakes, with the eight largest U.S. global systemically important banking firms collectively holding $15 trillion in assets or the equivalent of 90% of GDP). In contrast, the failure of ordinary firms principally impacts only their shareholders and creditors.

120Hilary J. Allen, A New Philosophy for Financial Stability Regulation, 45 Loy. U. Chi. L.J. 173, 191 (2013).

121See James Salzman & Barton H. Thompson, Jr., Environmental Law and Policy 16 (2d ed. 2007).

122Allen, supra note 120, at 191–92; see also Saule T. Omarova, License to Deal: Mandatory Approval of Complex Financial Products, 90 Wash. U. L. Rev. 63, 84 (2012) (“[A]dopting and operationalizing the general concept of precaution in the context of post-crisis financial systemic risk regulation may be a worthwhile, and even necessary, exercise.”); Schwarcz, supra note 36, at 234–35 (applying a precautionary principle to cost–benefit balancing involving systemic risk).

123Allen, supra note 120, at 195 (quoting Cass R. Sunstein, Beyond the Precautionary Principle, 151 U. Pa. L. Rev. 1003, 1012 (2003)).

124Id. at 195; see also Cass R. Sunstein, Beyond the Precautionary Principle, 151 U. Pa. L. Rev. 1003, 1014 (2003) (identifying a fourth form of the precautionary principle, under which “[r]egulation should include a margin of safety, limiting activities below the level at which adverse effects have not been found or predicted”).

125Allen, supra note 120, at 196 n.90.

126See supra notes 28–29 and accompanying text.

127Allen, supra note 120, at 195.

128Id.

129See supra note 119 and accompanying text (observing that the failure of systemically important firms could have massively harmful consequences to the real economy).

130Compare infra text accompanying notes 173–74 (arguing for a “considerably outweigh” requirement to justify private benefit that causes public harm), with Sunstein, supra note 124, at 1014 (discussing a socalled fourth form of the precautionary principle, requiring a margin of safety).

131Schwarcz & Chang, supra note 64, at 788; cf. John C. Coffee, Jr., The Political Economy of DoddFrank: Why Financial Reform Tends to Be Frustrated and Systemic Risk Perpetuated, 97 Cornell L. Rev. 1019, 1020–21 (2012) (observing that the Sarbanes–Oxley Act of 2002 and the Dodd–Frank Act of 2010 “showed hints of the public’s desire for retribution”).

132See supra notes 21–22 and accompanying text (observing that such actions mostly represented excessive, but not illegal, corporate risk-taking resulting from poor decisions, bad judgment, and greed).

133 See, e.g., Gretchen Morgenson & Louise Story, Banks Bundled Bad Debt, Bet Against It and Won, N.Y. Times: DealBook (Dec. 23, 2009), (“The creation and sale of synthetic C.D.O.’s helped make the financial crisis worse than it might otherwise have been, effectively multiplying losses by providing more securities to bet against.”); Yves Smith, On Goldman’s (and Now Morgan Stanley’s) Deceptive Synthetic CDO Practices (aka Screwing Their Customers), Naked Capitalism (Dec. 30, 2009), .

134See supra note 50. In other words, there may be a misperception that the government should be hunting big game, John C. Coffee, Jr., Address at the University of St. Thomas Law Review Symposium: Beyond Crises-Driven Regulation–Initiatives for Sustainable Financial Regulation (Apr. 11, 2014) (transcript on file with author), but, mixing metaphors, the “big game” may not have done anything illegal to justify their being hunted.

135Vikramaditya S. Khanna, Corporate Crime Legislation: A Political Economy Analysis, 82 Wash. U. L.Q. 95, 126–29 (2004).

136For example, the OTS’s regulatory action against Kaye Scholer in response to the Lincoln Saving & Loan Association crisis illustrates how a government entity may abuse retroactive law to alleviate political pressure imposed by the public and the media. See Steven L. Schwarcz, The Limits of Lawyering: Legal Opinions in Structured Finance, 84 Tex. L. Rev. 1, 40–41 (2005).

137This Article argues, for example, that corporate governance law should be reformulated to include the impact of systemic harm on the public. Contrary to traditional corporate governance law, which uses privately enforced rights in the form of shareholder derivative suits to subject managers to personal liability for engaging in excessive risk-taking that harms shareholders, see supra notes 34–35 and accompanying text, shareholders would have no interest in imposing liability on managers of their firm for externalizing systemic harm onto the public. I therefore propose that the government have direct authority to impose personal liability on managers for engaging in excessive risk-taking that causes systemic harm. See infra Part III.A.

138For example, this Article argues for narrowing the limited liability protection of certain shareholding corporate managers, which would expose them to more of their firm’s liabilities and thereby reduce their incentive to cause the firm to take highly risky actions. See infra notes 231–41 and accompanying text.

139Richard A. Posner, Economic Analysis of Law § 13.1, at 383 (6th ed. 2003).

140See supra notes 35–49 and accompanying text.

141Cf. Richard Posner, Law, Pragmatism, and Democracy 73, 270 (2003) (arguing that legal reasoning may not exist as an independent concept and that consequences are what really matter).

142I am separately examining the extent to which the “public governance duty” discussed above should supplement, or substitute for, other ways of regulating control of excessive corporate risk-taking. See Steven L. Schwarcz, Misalignment: Corporate Risk-Taking and Public Duty (Duke Law Sch. Pub. Law & Legal Theory Series No. 2015-40, 2015), . The discussion in Part III.A assumes that such a duty should at least supplement those other ways of regulating control.

143Cf. Miller, supra note 30, at 117–18 (observing that, in order to internalize systemic externalities, “it can be entirely proper—indeed economically efficient—for government to regulate . . . activities [causing such externalities], perhaps even to prohibit them”).

144Cf. supra notes 34–35 and accompanying text (discussing shareholder derivative suits).

145Miller, supra note 30, at 119. This Article does not analyze whether any such government regulation should be federal or state. In the United States, corporate governance has been traditionally regulated by states. CTS Corp. v. Dynamics Corp., 481 U.S. 69, 88–89 (1987) (“No principle of corporation law and practice is more firmly established than a State’s authority to regulate domestic corporations.”); Burks v. Lasker, 441 U.S. 471, 478 (1979) (stating that the “first place one must look to determine the powers of corporate directors is in the relevant state’s corporation law”); Cort v. Ash, 422 U.S. 66, 84 (1975) (“Corporations are creatures of state law, and investors commit their funds to corporate directors on the understanding that, except where federal law expressly requires certain responsibilities of directors with respect to stockholders, state law will govern the internal affairs of the corporation.”). Nonetheless, the Sarbanes–Oxley and Dodd–Frank Acts set precedents for “the federal government [to] step in if regulators believe that state law is lacking in its regulation of corporate governance.” Hurt, supra note 22, at 289. Federal regulation might be needed, for example, to overcome a collective action problem that individual state regulation could drive firms to organize or reorganize in other states. Cf. Schwarcz, supra note 59, at 6 (discussing a flight-of-capital argument under corporation law that is stricter in some states than other states). This Article also does not analyze how directors and officers (D&O) liability insurance, which indemnifies managers against personal liability, might compromise the deterrent effect of imposing personal liability. Any regulatory framework for imposing such liability should take into account how that insurance coverage should be written to optimally balance managerial and public protection.

146Cf. supra notes 30–31 and accompanying text (observing that, traditionally, “excessive” risk-taking was implicitly defined by its potential impact on the firm’s investors).

1472 Treatise on the Law of Corporations § 10:5, Westlaw (database updated December 2014) (arguing that a board may be compelled to make a decision without having all the relevant facts, but the business judgment rule should protect the board from liability for this risky decision); cf. Miller, supra note 30, at 48, 103–09 (arguing that corporate risk-taking decisions “are always business decisions”).

148See, e.g., Aronson v. Lewis, 473 A.2d 805, 812 (Del. 1984); Hurt, supra note 22, at 258. Although the precise formulation of the business judgment rule depends on the relevant jurisdiction applying it, the formulation in the text above is widely accepted. 3A William Meade Fletcher, Fletcher Cyclopedia of the Law of Corporations § 1036 (Supp. 2014–2015); cf. Stephen M. Bainbridge, Corporate Law 96 (2d ed. 2009) (observing that “the one thing about the business judgment rule on which everyone agrees is that it insulates directors from liability for negligence”).

149Cf. Miller, supra note 30, at 109 (arguing that “[i]f there are cogent reasons for having a business judgment rule, those reasons should foreclose any substantive review by courts of a firm’s risk-management practices”). Although Professor Miller references “risk-management” decisions, not risk-taking decisions, he does not appear to intend to draw a distinction. Id.

150That would also respond, at least indirectly, to the impediment that prosecutorial risk-reward assessment is tightening under shrinking resources. See supra Part I.C.2.

151See Hurt, supra note 22, at 259–60.

152Id. at 258–60.

153Id. at 264–65.

154Miller, supra note 30, at 120–23 (looking at financial models used by risk managers and noting that they incorporate business judgments in selection of historical data to predict the future in an effort to smooth returns, which should be a business decision and not reviewable by the courts).

155See supra notes 41–43 and accompanying text.

156See supra notes 41–43 and accompanying text.

157Miller, supra note 30, at 109. Although beyond the scope of this Article, policymakers might consider whether certain categories of corporate risk-taking actions are so systemically risky that they should be prohibited outright.

158See supra notes 147–48 and accompanying text.

159This could include stock options, for example.

160Rachael E. Schwartz, The Clawback Provision of Sarbanes-Oxley: An Underutilized Incentive to Keep the Corporate House Clean, 64 Bus. Law., Nov. 2008, at 31 n.202 (“Of course, deference, in the form of the business judgment rule, is given to management decisions in the absence of a conflict of interest between managers and shareholders.” (citing Aronson v. Lewis, 473 A.2d 805, 812 (Del. 1984))).

161Any such gross negligence should be judged, of course, ex ante. See Joy v. North, 692 F.2d 880, 886 (2d Cir. 1982) (“[C]ourts recognize that after-the-fact litigation is a most imperfect device to evaluate corporate business decisions. . . . [A] reasoned decision at the time made may seem a wild hunch viewed years later against a background of perfect knowledge.”).

162See supra note 148 and accompanying text.

163Although gross negligence is articulated as part of the business judgment rule, directors usually are not subjected to monetary damages for violating their duty of care, even when they are grossly negligent. See, e.g., Carter G. Bishop, Directorial Abdication and the Taxonomic Role of Good Faith in Delaware Corporate Law, 2007 Mich. St. L. Rev. 905, 911; Jesse W. Markham, Jr., The Failure of Corporate Governance Standards and Antitrust Compliance, 58 S.D. L. Rev. 499, 502 (2013) (observing that although it is included in the duty of care, gross negligence “has almost no place in the life of a board member of a public company because every state of the Union has enacted so-called ‘exculpation’ enabling laws that permit corporations to excuse their boards of any duty of care”).

164See, e.g., Smith v. Van Gorkom, 488 A.2d 858, 893 (Del. 1985) (finding that the board of directors failed to exercise due care in evaluating and recommending a merger for shareholder approval), overruled on other grounds by Gantler v. Stephens, 965 A.2d 695 (Del. 2009).

165See, e.g., John Schwartz, Judge’s Ruling on Gulf Oil Spill Lowers Ceiling on the Fine BP Is Facing, N.Y. Times (Jan. 15, 2015), (observing that Judge Carl J. Barbier of the Federal District Court in New Orleans found BP grossly negligent in causing the 2010 Gulf of Mexico oil spill).

166See supra note 151 and accompanying text.

167Cf. supra note 157 and accompanying text (raising the objection that penalizing managers for poor judgment would be inappropriate and impractical for court review).

168Schwarcz, supra note 142, at 47.

169Schwarcz, supra note 31, at 673–77.

170Id. at 675.

171Id. at 675.

172Id. at 676–77.

173Cf. supra notes 120–22 and accompanying text (discussing the application of a precautionary principle to this Article’s cost–benefit analysis).

174See supra note 124.

175For expected value examples of that weighing of costs and benefits, see Schwarcz, supra note 142.

176Posner, supra note 139, § 1.2, at 13. I realize that this Article is making a normative claim based on a factual observation, but norms generally are, and should be, tethered to reality. Isaiah Berlin, Personal Impressions xxi (Henry Hardy ed., Princeton Univ. Press 2d ed. 2001) (1981); cf. Lucian A. Bebchuk, A New Approach to Corporate Reorganizations, 101 Harv. L. Rev. 775, 776–77 (1988) (grafting a normative analysis onto a positive assumption, in this case taking the existence of corporate reorganizations in bankruptcy law as a given to put forth a suggestion to improve the reorganization process).

177Robin Paul Malloy, Law in a Market Context 190–91 (2004). Kaldor–Hicks efficiency aims to maximize society’s aggregate utility. Id. Legal reasoning concerning non-voluntary or non-consensual transactions employs the Kaldor–Hicks test as a hypothetical efficiency standard in considering “what rules and institutional mechanisms might best advance social welfare.” Id. at 191. Additionally, when “a right is protected by a liability rule it is subject to a Kaldor–Hicks efficiency analysis and can be subject to a forced exchange if social utility can be enhanced.” Id.

178See Frank H. Easterbrook & Daniel R. Fischel, The Economic Structure of Corporate Law 38 (1991); Amir N. Licht, The Maximands of Corporate Governance: A Theory of Values and Cognitive Style, 29 Del. J. Corp. L. 649, 651, 705–07 (citing Easterbrook & Fischel, supra, at 35–39). The traditional law and economics view of the shareholder-value-maximization rule as “efficient and workable” relies on the rule’s ability to take “advantage of the firm’s strength due to its tendency to maximize wealth in general.” Id. at 706. Under the shareholder-value-maximization rule, Judge Easterbrook and Professor Fischel believe that the firm can maximize wealth in general for two primary reasons. First, the managers work in the interests of the shareholders alone (without regard for the benefit or harm to the public), which keeps agency costs lower, thus allowing social wealth to rise. Second, the focus on maximizing the firm’s residual value helps the other “constituencies” automatically: “In a market economy each party to a transaction is better off.” Id.; see also Mark J. Roe, The Shareholder Wealth Maximization Norm and Industrial Organization, 149 U. Pa. L. Rev. 2063, 2065 (2001) (explaining that under the utilitarian approach, the shareholder-value-maximization rule increases overall fairness and wealth because it provides managers with an easy-to-follow metric that views the shareholders as the firm’s residual beneficiaries, and it benefits employees and other stakeholders through producing fluid and efficient capital markets while still giving them the option to contract with the corporation for what they want). Moreover, the “considerably outweigh” requirement provides a margin of safety to protect the public. See supra notes 173–74 and accompanying text.

179And because any such harm would not be to the firm, any lawsuit by shareholders would not even be a “derivative” suit.

180The government might also consider experimenting with DPAs as a means to refocus corporate governance towards this Article’s public governance duty. Cf. Kaal & Lacine, supra note 96, at 55 (“DPA-related business changes, board changes, and cooperation requirements could over time have a substantive impact on corporate governance.”). That assumes, however, that DPAs are used in the future to try to deter excessive risk-taking that is not illegal; heretofore, they have been used only to deter crime and other illegal actions. See supra note 103 and accompanying text.

181David Freeman Engstrom, Private Enforcement Pathways: Lessons from Qui Tam Litigation, 114 Colum. L. Rev. 1913, 1919 (2014).

18231 U.S.C. §§ 3729–3733 (2012).

183Engstrom, supra note 181, at 1943.

184Id. at 1944.

185Id. (italics added).

186Id.

187Id. (citing 31 U.S.C. § 3730(b)–(d)); see also Richard A. Bales, A Constitutional Defense of Qui Tam, 2001 Wis. L. Rev. 381, 381–85; cf. Heidi Mandanis Schooner, Private Enforcement of Systemic Risk Regulation, 43 Creighton L. Rev. 993 (2010) (arguing that the qui tam litigation model could be used to help enforce regulations meant to reduce systemic risk). Although D&O liability insurance will be needed to incentivize good managers and also to help ensure that sufficient funds are available to properly incentivize private-action lawsuits, see supra note 145, such insurance can undermine incentives. Managers protected by D&O insurance would be more willing to engage in morally hazardous behavior. Richard MacMinn, Yayuan Ren & Li-Ming Han, Directors, Directors and Officers Insurance, and Corporate Governance, 35 J. Ins. Issues 159, 165 (2012) (observing that “[t]he major criticism of corporate purchase of D&O insurance is that it creates moral hazard problems for” the managers covered by such insurance). A possible solution might be to increase the size of the deductible for actions that result in systemic harm.

188Bales, supra note 187, at 384 (quoting Lujan v. Defenders of Wildlife, 504 U.S. 555 (1992)).

189Id. (citing Vt. Agency of Nat. Res. v. United States ex rel. Stevens, 529 U.S. 765, 777–78 (2000)).

190That additional standing claim might be subject to a “prudential” limitation to standing—that a citizenplaintiff’s injury should not be merely “a ‘generalized grievance’ shared in equal measure by all or a large class of citizens.” Id. at 397 (citing Warth v. Seldin, 422 U.S. 490, 499 (1975)). But Congress may, by statute, waive that prudential limitation. Warth, 422 U.S. at 501; see also Bales, supra note 187, at 398.

191See supra Part I.A.2. By effectively privatizing enforcement, this approach to imposing personal liability would also respond, at least indirectly, to the impediment that the shrinking of resources is tightening prosecutorial risk–reward assessment. See supra Part I.C.2.

192See Sarbanes–Oxley Act of 2002 § 304, 15 U.S.C. § 7243 (2012) (authorizing the SEC to enforce the recovery of bonuses paid to CEOs and CFOs of public companies when the company issues financial restatements due to material noncompliance “with any financial reporting requirement under the securities laws” resulting from misconduct); Dodd-Frank Wall Street Reform & Consumer Protection Act, Pub. L. No. 111-203, § 954, 124 Stat. 1376, 1382 (2010) (codified at 15 U.S.C. § 78j-4) (improving Sarbanes–Oxley Act of 2002, Section 304 by designating a firm’s board of directors, rather than the SEC, as the enforcer of clawbacks and removing a misconduct prerequisite for clawbacks); Jesse D. Gossett, Financial Institution Executive Compensation: The Problem of Financially Motivated Excess Risk-Taking, the Regulatory Response, and Common Sense Solutions, 14 U.C. Davis Bus. L.J. 51, 63 (2013) (“Despite these subtle differences, the intent of both laws is the same: To hold those in charge of a publicly traded corporation responsible when they profit from inaccurate or fraudulent financial reporting. As will be shown, this will do nothing to actually reduce the level of systemic risk at financial institutions which means this provision will be largely ineffective at holding off the next financial crisis.”).

193See Steven L. Schwarcz, Conflicts and Financial Collapse: The Problem of Secondary-Management Agency Costs, 26 Yale J. on Reg. 457, 465–66 (2009).

194Miriam A. Cherry & Jarrod Wong, Clawbacks: Prospective Contract Measures in an Era of Excessive Executive Compensation and Ponzi Schemes, 94 Minn. L. Rev. 368, 389 (2009) (quoting Morgan Stanley Executives Forgo Bonuses, as Program Is Changed, N.Y. Times: DealBook (Dec. 8, 2008, 3:31 PM), http://dealbook.nytimes.com/2008/12/08/morgan-stanley-executives-forego-bonuses-as-program-is-changed.

195See supra notes 95–99 and accompanying text.

196Cf. Arlen, supra note 99, at 152–53 (observing that DPAs create “prosecutorial authority to engage in firm-specific regulation of corporate practices relating to deterring and investigating corporate crime”). Thus, DPAs could be used to require a firm to identify and, by reducing their compensation or firing them, to punish such wrongdoing individuals.

197Cf. Lucian A. Bebchuk & Holger Spamann, Regulating Bankers’ Pay, 98 Geo. L.J. 247 (2010) (arguing that bank compensation structures have provided executives with the incentive to take excessive risks).

198Cf. infra note 199 and accompanying text (proposing regulation mandating that all systemically important firms adopt clawback managerial compensation).

199See, e.g., Schwarcz, supra note 193, at 468–69 (observing that government regulation may well be the best way to resolve the collective-action problem that deferred or contingent compensation schemes can competitively disadvantage firms individually implementing those schemes); cf. supra note 40 and accompanying text (discussing how the government is attempting to identify systemically important firms).

200See supra Part I.B.1.

201See Schwarcz, supra note 136, at 36–42.

202See Steven L. Schwarcz & Lucy Chang, The Custom-to-Failure Cycle, 62 Duke L.J. 767, 792 (2012), and sources cited therein.

203Id. (quoting John L. Diamond, Lawrence C. Levine & Anita Bernstein, Understanding Torts 47 (4th ed. 2010)).

204Id. at 793 (quoting Steven Hetcher, The Jury’s Out: Social Norms’ Misunderstood Role in Negligence Law, 91 Geo. L.J. 633, 654 (2003)).

205Id. at 793–94 (footnote omitted).

206See supra notes 28–29 and accompanying text.

207See supra Part I.A.2.

208Remarks of Attorney General Eric Holder, supra note 18 (observing that this is “the same principle behind the Sarbanes-Oxley requirement that a designated company executive must sign its accounting forms and bear liability for misrepresentations”).

209See Todd S. Fishman & Brian de Haan, Lessons from the Credit Crisis: A Subtle Shift in the Long Reach for Top Executives, 17 Wallstreetlawyer.com: Sec. Electronic Age, Dec. 2013, at 9.

210Remarks of Attorney General Eric Holder, supra note 18. The Responsible Corporate Officer (RCO) doctrinedoes not require the government to pierce the corporate veil or show that the officer personally perpetrated or otherwise participated in the wrongful act. If the government proves that the defendant was a corporate officer who failed to use his or her authority to assure that the corporation complied with laws and regulations, the government may hold the defendant individually responsible under the RCO doctrine as an alternative theory of liability.Noël Wise, Personal Liability Promotes Responsible Conduct: Extending the Responsible Corporate Officer Doctrine to Federal Civil Environmental Enforcement Cases, 21 Stan. Envtl. L.J. 283, 288 (2002). Similarly, the “failure to supervise” theory “merely requires a showing that the senior executive possesses the ‘power to control’ the violator and, if such control can be shown, mere negligence as to whether the violator was adequately supervised.” Fishman & de Haan, supra note 209. Thus, under these and similar theories of liability, there appears to be no requirement to show that the executive participated in the underlying act; all that is required is a showing that the person was a corporate officer (under the RCO doctrine) or possessed power to control (under the “failure to supervise” theory), and failed to assure that the corporation complied with the laws and regulations (under the RCO doctrine) or was negligent in the supervision of its subordinates (under the “failure to supervise” theory).

211Jill Treanor, Regulators Want Reckless Bankers to Be Criminally Liable Under New Plans, Guardian (July 30, 2014, 6:44 AM), .

212See supra note 52 and accompanying text; cf. Anne Tucker Nees, Who’s the Boss? Unmasking Oversight Liability Within the Corporate Power Puzzle, 35 Del. J. Corp. L. 199, 200–01 (2010) (observing that following the financial crisis, many regulators and investors were left wondering the same question: who is in charge and who is to blame?).

213See supra note 12 and accompanying text.

214See supra note 33 and accompanying text.

215See supra notes 51–53 and accompanying text.

216See, e.g., Daniel Kahneman & Dan Lovallo, Timid Choices and Bold Forecasts: A Cognitive Perspective on Risk Taking, in Choices, Values, and Frames 401 (Daniel Kahneman & Amos Tversky eds., 2000).Perhaps the most important cause of risk aversion is loss aversion, the discrepancy between the weights that are attached to losses and to gains in evaluating prospects. Loss aversion is not mitigated when decisions are made in an organizational context. On the contrary, the asymmetry between credit and blame may enhance the asymmetry between gains and losses in the decision maker’s utilities. The evidence indicates that the pressures of accountability and personal responsibility increase the status quo bias and other manifestations of loss aversion. Decision makers become more risk averse when they expect their choices to be reviewed by others and they are extremely reluctant to accept responsibility for even a small increase in the probability of a disaster.Id. (citations omitted).

217Cf. Sean Farrell, HSBC Directors to Quit Over Threat to Jail Bosses for Banking Crises, Guardian (Oct. 7, 2014, 10:36 AM), (reporting that two HSBC directors threatened to quit in protest of proposed United Kingdom regulations subjecting bankers of a failed bank to criminal liability unless they could prove that they acted appropriately).

218See supra note 211 and accompanying text.

219Farrell, supra note 217.

220In contrast, I view the proposed United Kingdom regulation, see supra note 211 and accompanying text, as unreasonable both in its reversal of the burden of proof, which comes close to imposing strict liability, and in its criminal penalty.

221See, e.g., Scott Baret et al., Deloitte, Developing an Effective Governance Operating Model: A Guide for Financial Services Boards and Management Teams 1 (2013), (observing that many boards have voluntarily appointed chief risk officers (CROs) in order to bolster the effectiveness of their companies’ governance). Foreign jurisdictions are also increasingly requiring the appointment of CROs. See Org. for Econ. Co-operation & Dev., Risk Management and Corporate Governance 17 (2014), .

222See supra notes 123–28 and accompanying text.

223As will be shown, the managers that should be subjected to personal liability by narrowing limited liability are those who can directly profit by the corporate risk-taking. Infra notes 232–34 and accompanying text. Hence, Holder’s observation most directly applies, that if managers “enjoy all of the rewards of excessively-risky activity while bearing none of the responsibility,” it inevitably will lead to excessive risk-taking. Holder, supra note 18.

224See, e.g., Model Bus. Corp. Act § 6.22(b) (1984); id. § 6.22 cmt. (“Section 6.22(b) sets forth the basic rule of non-liability of shareholders for corporate acts or debts that underlies modern corporation law.”).

225Schwarcz, supra note 59, at 8.

226Id. at 8.

227Id. at 9.

228Id. at 13.

229See Fin. Stability Bd., Strengthening the Oversight and Regulation of Shadow Banking 1 (2012), (describing the shadow-banking system as “credit intermediation involving entities and activities outside the regular banking system”). Shadow banking is sometimes alternatively defined as the provision of financing by any type of financial intermediary that operates without access to central bank liquidity or public sector credit guarantees. Tobias Adrian & Adam B. Ashcraft, Fed. Res. Bank of N.Y., Shadow Banking Regulation 5 (2012).

230Fin. Stability Bd., Global Shadow Banking Monitoring Report 8 (Nov. 18, 2012), (estimating shadow banking’s worldwide assets in 2011); cf. Zoltan Pozsar et al., Fed. Res. Bank of N.Y., Shadow Banking 4–5 (2010), (arguing that shadow bank financing appears to dwarf traditional bank financing).

231Schwarcz, supra note 59, at 2.

232Id. at 18.

233Id. at 19.

234Id.

235Id. at 20.

236Id.

237Id. at 21.

238Id. at 23 (proposing that such investor-managers be subjected to double liability—i.e., liability equal to twice their equity investment—for their firm’s obligations).

239See supra Part I.B.2.

240They are more likely to be risk-prone. Schwarcz, supra note 59, at 18.

241See supra note 238 and accompanying text (proposing a double liability limit).

242This route is easier and less costly for several reasons, including that firms are more likely to settle as a cost of doing business. See supra notes 10–11 and accompanying text.

243These other approaches include clawing back compensation and possibly reassigning corporate responsibility. See supra Parts III.B & III.D.

244Recall that shadow banking refers to the decentralized provision of financing outside of traditional banking channels. See supra note 229 and accompanying text.

245This Article suggests narrowing that limited liability to double liability or some other multiple of the investment. See supra note 238 and accompanying text.